Hi,
I'm trying to tunnel some traffic between VM on one server to VM on
other server.
While doing this I need to rewrite lldp destination mac so it doesn't
get picked up by switch in between
I do this with dnat rules which works fine when using it on the
physical interfaces
But if I try to do it on a bond interface the dnat rules doesn't get applied
I assume traffic gets picked up by module handling bond interface and
ebtable PREROUTING rule doesn't get applied.
Is there any way to get a dest-mac rewrite rule to work on a bond
interface or would I have to jump traffic through extra bridge to be
able to apply PREROUTING rule there?
Simplified config for recreating problem + versions I'm using below
(works if I disable bond and take traffic direct on enp0s8 interface only)
ebtables -t nat -L
Bridge table: nat
Bridge chain: PREROUTING, entries: 2, policy: ACCEPT
-d 1:0:c:cd:cd:d0 -i bond0 -j dnat --to-dst 1:80:c2:0:0:e --dnat-target ACCEPT
-d 1:0:c:cd:cd:d0 -i enp0s8 -j dnat --to-dst 1:80:c2:0:0:e --dnat-target ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
Bridge chain: POSTROUTING, entries: 0, policy: ACCEPT
echo 16384 > /sys/class/net/br0/bridge/group_fwd_mask
brctl show
bridge name bridge id STP enabled interfaces
br0 8000.ee61e9ba66d8 no bond0
cat /etc/netplan/50-could-init.yaml
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
ethernets:
enp0s3:
addresses: []
dhcp4: true
enp0s8:
dhcp4: false
enp0s9:
dhcp4: false
bonds:
bond0:
addresses: [ 192.168.1.2/24 ]
interfaces: [ enp0s8, enp0s9 ]
parameters:
mode: active-backup
primary: enp0s8
version: 2
Br,
Fredrik
