On 12/04/2014 05:09 AM, Cristian KLEIN wrote: > On 2014-12-04 10:40, Laine Stump wrote: >> Currently, libvirt does create and activate simultaneously (and also >> qemu does a gratuitous ARP request at some point, although I haven't >> checked if it happens when qemu starts or when the guest CPUs are >> started), and deactivate, destroy, and free all happen at pretty much >> the same time as well. The former leads to problems like this one >> reported by dgilbert: >> >> https://bugzilla.redhat.com/show_bug.cgi?id=1081461 >> >> This is just one of several possible variations of "some parts of the >> network have incorrect information about where MAC X is currently >> located"; when you mix in post-copy migration, and manual handling of >> the bridge FDB >> (https://www.redhat.com/archives/libvir-list/2014-December/msg00173.html), >> >> there are many opportunities for failure! (BTW, sorry for interjecting this into your migration patches, after this I'll create a new thread when/if I have more to say) Another problem that I've discovered due to the haphazardness of netdev initialization - the network "plugged" hook is called before the tap device has been created, so the XML given to the hook will, if anything, contain an out-of-date tap device name (and the tap device won't exist to be manipulated by the hook anyway). > First of all, I would strongly recommend disabling STP on bridges that > are involved in post-copy migration. STP adds too much downtime, which > goes pretty much against the benefits of post-copy live migration. ... as long as STP isn't required to avoid forwarding loops, and as long as the admin is schooled enough to know they should disable it. But we should either explicitly forbid (by logging an error if it's encountered, or at least documenting that it doesn't work) or do whatever we can to make it operate properly in those cases. > Second, I observed that qemu announces itself when the CPUs are > resumed on the destination. Good to know. > Hence, at least from outside, it seems like the FDB are updated correctly. For a host bridge using the kernel's builtin flood/learning to populate the fdb, that likely is the case. With the current state of the code, things aren't so rosy for macvtap, nor for my new libvirt-managed fdb updates. I need to work on that. (Mainly I posted to this thread to see what other problems people may have encountered in this area, to make sure all of them get handled, and to see if anyone thought my suggested changes were crack-based.) -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list