Virtual switch is grabbing a cisco mac.

Latest response

I have an hpc cluster with two physical servers which have kvms running. On each physical server there is one kvm which intermittently has the mac of a cisco switch populated in the arp table. Is there a configuration for the bridge port that will prevent this corruption?

Responses

I presume you have the VMs bridged into the physical LAN, like so:

(( network )) --- [ Hypervisor eth0 ] --- [ Bridge br0 ] --- [ vnetX ] --- [ VM eth0 ]

The hypervisor's IP in that subnet is on br0 and the VM's IP in that subnet is on the VM's eth0. The switch might be acting as the gateway if it's an L3 switch, might have a HSRP pair of switches doing that, or might be doing proxy ARP for a different part of the network.

If the switch has a switch IP appearing in the VM neighbour table, the switch is broadcasting out for some reason. Maybe it's announcing the gateway address between switch pairs? Maybe it's doing proxy ARP for other systems in the same subnet?

You can block whatever L2 traffic you like with arptables on the hypervisor or within the VM. If you do want to block ARP from appearing in the VM's neighbour table, inside the VM is probably the best place.

However in this instance I'm not sure that blocking the switch's MAC from each VM is a good idea.

Unless this causes some sort of problem or outage, I'd say just let the network do its thing.

Thanks for your response, Jamie. I think it may have been a matter of the switch broadcasting between the VSS pair, as you suggested. Cisco admins worked on it for hours to no avail. We finally move the physical connections off of that switch and onto another switch.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.