In this post, I’m going to show you how to use link aggregation (via the Link Aggregation Control Protocol, or LACP) with Open vSwitch (OVS). First, though, let’s cover some basics.

In the virtualization space, it’s extremely common to want to use multiple physical network connections in your hypervisor hosts to support guest (virtual machine) traffic. The problem is that modern-day networking is—for now—largely constrained by the presence of Spanning Tree Protocol (STP), which limits the use of multiple connections between network devices (especially switches). Since most hypervisors have some form of virtual switch to support guest traffic, and since users don’t want to be constrained by STP the hypervisors have had to find workarounds.

VMware works around STP by causing their virtual switches to operate in what is called “end-host mode,” meaning that the virtual switch does not participate in STP (newer versions of vSphere can, in fact, block STP BPDUs from being emitted), the virtual switch does not forward frames received on one uplink back out another uplink, and traffic from VMs is statically assigned (pinned) to an uplink. (This behavior is, of course, configurable.) Because of these default behaviors, users in VMware environments simply connect multiple links to their hosts and off they go.

Other environments behave differently. Environments using Open vSwitch (OVS), for example, need to use other methods to work around the presence of STP, especially considering that OVS is more a full-featured virtual switch than the standard VMware vSwitch. In most cases, the workaround involves the use of link aggregation; specifically, the use of Link Aggregation Control Protocol (LACP), a standardized protocol that allows devices to automatically negotiate the configuration and use of link aggregates comprised of multiple physical links.

Now that you have the background, let’s dive into the details of how to make this work. These instructions on using LACP with OVS do make a few assumptions:

  1. First, I assume that OVS is already installed and working.

  2. I assume that the management traffic to/from your host is not running through OVS, and thus won’t be interrupted by any configurations you do here. If this is not the case, and you do have management traffic running through OVS, you might want to exercise some additional caution to ensure you don’t accidentally cut your connectivity to the host.

  3. I assume that you know how to configure your physical switch(es) to support LACP on the links coming in from OVS. The configuration will vary from switch vendor to switch vendor; refer to your vendor’s documentation for details.

This post was written using Ubuntu 12.04.1 LTS and Open vSwitch 1.4.0 (installed using apt-get directly from the Precise Pangolin repositories). The use of a different Linux distribution and/or a different version of OVS might make this process slightly different.

The first step is to add a bridge (substitute your desired bridge name for ovsbr1 in the following command):

ovs-vsctl add-br ovsbr1

Once the bridge is established, then you’ll need to create a bond. This is the actual link aggregate on OVS. The syntax for adding a bond looks something like this:

ovs-vsctl add-bond <bridge name> <bond name> <list of interfaces>

So, if you wanted to add a bond to ovsbr1 using physical interfaces eth1 and eth3, your command would look something like this:

ovs-vsctl add-bond ovsbr1 bond0 eth1 eth3

However, there’s a problem with this configuration: by default, LACP isn’t enabled on a bond. To fix this, you have two options.

  1. Change the command use to create the bond, so that LACP is enabled when the bond is created.

  2. Enable LACP after the bond is created.

For option #1, you’ll simply append lacp=active to the command to create the bond, like so:

ovs-vsctl add-bond ovsbr1 bond0 eth1 eth3 lacp=active

For option #2, you’d use ovs-vsctl set to modify the properties of the bond. Here’s an example:

ovs-vsctl set port bond0 lacp=active

Once the bond is created and LACP is enabled, you can check the configuration and/or status of the bond. Assuming that you’ve already configured your physical switch correctly, your bond should be working and passing traffic. You can use this command to see the status of the bond:

ovs-appctl bond/show <bond name>

The output from that command will look something like this:

bond_mode: balance-slb

bond-hash-algorithm: balance-slb

bond-hash-basis: 0

updelay: 0 ms

downdelay: 0 ms

next rebalance: 6415 ms

lacp_negotiated: true

slave eth4: enabled

    active slave

    may_enable: true

slave eth3: enabled

    may_enable: true

slave eth1: enabled

    may_enable: true

slave eth2: enabled

    may_enable: true

This command will show more detailed LACP-specific information:

ovs-appctl lacp/show <bond name>

This command returns a great deal of information; here’s a quick snippet:

---- bond0 ----

    status: active negotiated

    sys_id: 00:22:19:bd:db:dd

    sys_priority: 65534

    aggregation key: 4

    lacp_time: fast

slave: eth1: current attached

    port_id: 4

    port_priority: 65535

    actor sys_id: 00:22:19:bd:db:dd

    actor sys_priority: 65534

    actor port_id: 4

    actor port_priority: 65535

    actor key: 4

    actor state: activity timeout aggregation synchronized collecting<br></br>distributing

    partner sys_id: 00:12:f2:cc:6d:40

    partner sys_priority: 1

    partner port_id: 12

    partner port_priority: 1

    partner key: 10000

    partner state: activity aggregation synchronized collecting<br></br>distributing

You can also use this command to view the configuration details of the bond:

ovs-vsctl list port bond0

The output from this command will look something like this:

_uuid               : ae7eb7ca-e3e0-4166-bcfb-4348071799e0

bond_downdelay      : 0

bond_fake_iface     : false

bond_mode           : []

bond_updelay        : 0

external_ids        : {}

fake_bridge         : false

interfaces          : [9963381b-6a7d-4a8f-acf8-86150361530e,<br></br>bee2df86-ed14-456b-8f3a-25fb00fa6040, daf5ac51-4135-4e3c-a937-c62dfc4b5e9f,<br></br>fcd2d6ef-9a18-452a-9a79-1c97e5a95ef2]

lacp                : active

mac                 : []

name                : "bond0"

other_config        : {lacp-time=fast}

qos                 : []

statistics          : {}

status              : {}

tag                 : []

trunks              : []

vlan_mode           : []

In learning how to use LACP with OVS, I found this article to be extremely helpful.

If you have questions, or have additional information to share with me and/or other readers, please speak up in the comments. Thanks!

http://blog.scottlowe.org/2012/10/19/link-aggregation-and-lacp-with-open-vswitch/

Link Aggregation and LACP with Open vSwitch的更多相关文章

  1. (转载)运行主机管理在openvswitch之上

    在这篇文章里介绍了如果运行主机管理在openvswitch之上,而不是单独配置一个物理网卡用于主机管理,并且所有的vm的流量还是通过openvswitch走的. Running Host Manage ...

  2. iSCSI Network Designs: Part 5 – iSCSI Multipathing, Host Bus Adapters, High Availability and Redundancy

    iSCSI Network Designs: Part 5 – iSCSI Multipathing, Host Bus Adapters, High Availability and Redunda ...

  3. LACP-链路聚合

    一. 术语 LA (Link aggregation): 链路聚合,不同厂家名称不同,ethernet channel(以太通道). LAG: Link aggregation group. LACP ...

  4. Cyber Security - Palo Alto Firewall Interface Types

    Multiple options to integrate the Palo Alto Firewall into your: Network Layer 2 interfaces and VLAN ...

  5. 群晖系统设置链路聚合并配置静态IP的教程【江东网 JDX86.COM】

    1.进入控制面板 > 网络 > 网络接口.请单击创建 > 创建 Bond 2.进入聚合配置向导,选择你想要的模式,这里有几种模式意思分别为: 自适应负载平衡: 此模式优化了 Syno ...

  6. EtherChannel(PAgP、LACP)基本配置--端口聚合--(转)

    转自 http://blog.sina.com.cn/s/blog_635e1a9e01017msv.html EtherChannel EtherChannel(以太通道)也叫端口聚合或链路聚合,特 ...

  7. Using LACP with a vSphere Distributed Switch 5.1

    Using LACP with a vSphere Distributed Switch 5.1 by Chris Wahl on Oct 15th, 2012 | 6,347 views One o ...

  8. To LACP or not to LACP (on a 5.1 vDS)

    http://www.poppingclouds.com/2012/12/20/to-lacp-or-not-to-lacp-on-a-5-1-vds-2/ I have been recently ...

  9. LACP学习笔记

    LACP学习笔记 来源: https://blog.csdn.net/zhengmx100/article/details/53893902 参考文档:download.h3c.com.cn/down ...

随机推荐

  1. 胡扯两句——CDQ分治

    之前听大神讲过CDQ分治大概是个什么东西,但是一直还没有真正去搞过.今天稍微看了一下,写点自己的理解. 首先CDQ分治有两个条件. 条件1:可以分成两个独立互不影响的问题(这里的"独立&qu ...

  2. AngularJS recursive(递归)

    工作中我们经常要遍历多层数据,如果数据是已知层级的话,用 ng-repeat 就搞定了,要是数据深度是无限的呢,或者我们要实现一个无限层级的 tree 的时候,该怎么办? 答案是使用 ng-inclu ...

  3. POJ 3225 Help with Intervals

    U:把区间[l,r]覆盖成1I:把[0,l-1][r+1,∞]覆盖成0D:把区间[l,r]覆盖成0C:把[0,l-1][r+1,∞]覆盖成0 , 且[l,r]区间0/1互换(即异或)S:[l,r]区间 ...

  4. powershell小工具,efs加解密三剑客。

    powershell  efs  加密  解密  列出  decryption  list --------前言:我编写这两个脚本的目的,大家不可不知!-------- 1 是为系统管理员,网管员编写 ...

  5. Controller方法的返回值

    方法的返回值1.ModelAndView这个就不多说,这是最基础的,前面定义一个ModelAndView,中途使用addObject方法添加属性,再返回.视图解析器会自动扫描到的.2.String这个 ...

  6. SharePoint表单和工作流 - Nintex篇(四)

    博客地址 http://blog.csdn.net/foxdave 接上篇点击打开链接 "Manage workflow constants" 管理工作流常量.这里可以管理工作流中 ...

  7. Access 中数据库操作时提示from子句语法错误

    问题:如果在Access 中数据库操作时提示from子句语法错误原因:语句中某一单词为Access中的关键字.如:select * from user.其中user就是一关键字.解决:用中括号[]将其 ...

  8. 2013年9月份第1周51Aspx源码发布详情

    大型B2B家具门户网源码  2013-9-6 [VS2008]功能描述: 1.门户信息管理 安全取数据即使数据库连接中断不会报错 2.稳定性 每句代码经过3次以上检查.此网站还在运营3年了,没有出过问 ...

  9. iOS 版本号Version和Build的区别

    一个version,一个build,都是设置版本的地方,有什么区别呢? 在ios中(Android等工程中也一样),有两种version,一种是 CFBundleVersion ("Bund ...

  10. C#移动无标题栏窗体的四种代码

    第一种采用,需注意窗体上的控件是否把窗体覆盖了...MouseDown.MouseMove.MouseUp事件应该是鼠标所处位置最顶层的控件的事件在窗体的类中声明两个变量private Point m ...