Re: oops, or how to bring a datacenter router down with one setting


On 02/10/2012 05:54 AM, Bob Hoffman wrote:
> Yea, I gave up on bonding, ended up just using eth1. But every tutorial
> I found had added eth0 and eth1 as interfaces to br0, thus sharing the
> bridge so to speak.

Those tutorials were documenting the manner in which you can set up a 
transparent Linux firewall.  That's not what you want to do with a KVM 
server.

Creating an Ethernet bridge and adding two interfaces to it effectively 
makes a Linux host into a two-port switch with firewalling.

If you connect multiple ports from one switch to ports on a second 
switch (two bridged Linux Ethernet ports to a switch) you create a 
switch loop.  Switch loops will endlessly replay broadcast traffic (such 
as ARP), creating a broadcast storm.

Yes, that can consume all of a router's CPU cycles quite easily.  That 
is why data centers should always run spanning tree on their switches. 
STP will shut off ports that get looped.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
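
A check for the configuration described in this message, added here as an example and not part of the original post: it lists bridges that have two or more physical NICs as ports and shows whether STP is enabled on the bridge. The function names and the sample tree are constructed for illustration; it assumes a port is physical when its sysfs entry has a `device` link. A reported bridge only loops if both NICs reach the same switch or layer-2 segment.

```shell
#!/bin/sh
# Added example: flag Linux bridges that could form a switch loop.
# Assumption: a port is "physical" when <root>/<port>/device exists
# (tap/vnet ports used by KVM guests have no such entry).

# find_loop_candidates [SYSFS_NET_ROOT]   (hypothetical helper name)
# Prints "<bridge> ports=<n> stp=<on|off>" for bridges with 2+ physical ports.
find_loop_candidates() {
    root="${1:-/sys/class/net}"
    for brdir in "$root"/*/bridge; do
        [ -d "$brdir" ] || continue              # glob matched nothing
        br=$(basename "$(dirname "$brdir")")
        phys=0
        for port in "$root/$br"/brif/*; do
            [ -e "$port" ] || continue           # bridge has no ports
            name=$(basename "$port")
            if [ -e "$root/$name/device" ]; then
                phys=$((phys + 1))
            fi
        done
        [ "$phys" -ge 2 ] || continue            # one uplink cannot loop
        # stp_state: 0 = disabled, 1 = kernel STP, 2 = userspace STP
        stp=$(cat "$brdir/stp_state" 2>/dev/null || echo 0)
        if [ "$stp" = "0" ]; then state=off; else state=on; fi
        echo "$br ports=$phys stp=$state"
    done
}

# Constructed sample tree (not from a real host): br0 bridges eth0+eth1 as in
# the tutorials discussed above; br1 is a typical KVM bridge (eth2 + guest tap).
make_sample_tree() {
    t=$(mktemp -d)
    for nic in eth0 eth1 eth2; do mkdir -p "$t/$nic/device"; done
    mkdir -p "$t/vnet0" "$t/br0/bridge" "$t/br1/bridge"
    mkdir -p "$t/br0/brif/eth0" "$t/br0/brif/eth1"
    mkdir -p "$t/br1/brif/eth2" "$t/br1/brif/vnet0"
    echo 0 > "$t/br0/bridge/stp_state"
    echo 0 > "$t/br1/bridge/stp_state"
    echo "$t"
}

# Demo on the constructed tree; call find_loop_candidates with no argument
# to inspect the live host instead.
sample=$(make_sample_tree)
find_loop_candidates "$sample"    # prints: br0 ports=2 stp=off
rm -rf "$sample"
```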

