MAC intermittently being learnt on wrong port

Ryan King <ryank@xxxxxxxxxxxxxxxxxxxx> · Fri, 8 Jan 2010 03:25:10 +0000

Hi,

I am seeing a strange issue with a fairly
simple bridge I have setup (for openvpn in bridge mode).

eth0 ---  [ openvpn machine  (tap0) ] ---
eth1

The bridge is between tap0 and eth1 on a
debian machine running on ESX 4.  (tap0 being the openvpn tunnel interface).  Intermittently,
I see openvpn client MAC addresses on port 2 (eth1).  When this happens, their
vpn link stops working, since arp replies are being sent back via the wrong
interface.  But after a random amount of time, it will change back to port 1
(tap0) and start working again.  Sometimes this is quick, sometimes it doesn't
happen for hours.

Anyone else had these issues?  I've
searched the archives, and come across several people who seem to have had
similar problems - but haven't found one that has a solution yet.

I'd appreciate any suggestions on where I
should start looking to find out why/how these MAC's are being learnt on the
wrong interface...

brctl show br0:

bridge name      bridge id                              STP
enabled       interfaces

br0                         8000.005056b804c2         no                           eth1

                                                                                                                tap0

brctl showstp br0:

br0

 bridge id                             8000.005056b804c2

 designated root              8000.005056b804c2

 root port                                0                                           path
cost                                0

 max age                               
20.00                                   bridge max age                   20.00

 hello time                            
2.00                                     bridge hello time               2.00

 forward delay                     5.00                                     bridge
forward delay        5.00

 ageing time                        300.01

 hello timer                           1.19                                     tcn
timer                                0.00

 topology change timer    0.00                                     gc
timer                                  2.19

 flags                                     

eth1 (2)

 port id                 8002                                       state                          
forwarding

 designated root              8000.005056b804c2         path
cost                              100

 designated bridge          8000.005056b804c2         message
age timer            0.00

 designated port              8002                                       forward
delay timer          0.00

 designated cost                  0                                           hold
timer                             0.19

 flags                                     

tap0 (1)

 port id                 8001                                       state                          
forwarding

 designated root              8000.005056b804c2         path
cost                              100

 designated bridge          8000.005056b804c2         message
age timer            0.00

 designated port              8001                                       forward
delay timer          0.00

 designated cost                  0                                           hold
timer                             0.19

 flags

eg:

brctl showmacs br0:

port no mac addr                             is
local?                ageing timer

  2            00:50:56:b8:04:c2             yes                           
0.00

  1            00:ff:46:97:7f:d5               yes                           
0.00

  2            7a:6e:9f:28:12:79              no                             
0.56

7a:6e:9f:28:12:79 -- the openvpn client

00:ff:....   -- tap0

00:50:56...   -- eth1

Thanks,

Ryan

_______________________________________________
Bridge mailing list
Bridge@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/bridge