MLAG on Linux - Lessons Learned Scott Emery, Wilson Kok Cumulus - - PowerPoint PPT Presentation

mlag on linux lessons learned
SMART_READER_LITE
LIVE PREVIEW

MLAG on Linux - Lessons Learned Scott Emery, Wilson Kok Cumulus - - PowerPoint PPT Presentation

Jan 13, 2024 125 likes •389 views

MLAG on Linux - Lessons Learned Scott Emery, Wilson Kok Cumulus Networks Inc. Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada Agenda MLAG introduction and use cases Lessons learned MLAG control plane model

slide-1
SLIDE 1

MLAG on Linux - Lessons Learned

Scott Emery, Wilson Kok Cumulus Networks Inc.

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-2
SLIDE 2

Agenda

  • MLAG introduction and use cases
  • Lessons learned
  • MLAG control plane model
  • MLAG data plane
  • Linux kernel requirements
  • Other important changes and considerations

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-3
SLIDE 3

MLAG introduction

MLAG - a LAG across more than one node

  • multi-homing for redundancy
  • active-active to utilize all links which
  • therwise may get blocked by Spanning

Tree

  • no modification of LAG partner

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-4
SLIDE 4

MLAG terminology

ISL - inter switch link Dually connected Singly connected Secondary role Primary role

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-5
SLIDE 5

MLAG use case - hypervisor

kernel eth0 virtual switch eth1 kernel eth0 virtual switch eth1 no MLAG - striping by VM MACs

  • r other policies

vm

MLAG - it’s a bond switch switch switch switch

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-6
SLIDE 6

MLAG use case - L2 fabric

  • no blocking links, full

utilization of bandwidth

  • load balancing and

redundancy offered by LAG

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-7
SLIDE 7

MLAG use case - L2 fabric

  • no blocking links, full

utilization of bandwidth

  • load balancing and

redundancy offered by LAG

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-8
SLIDE 8

Lessons learned

  • L2 can be dangerous! Fail open by default,

no TTL, unknown means flood...

  • MLAG - more ways to live dangerously
  • Rigorous and conservative interface state

management needed. Temporary loops or duplicates not acceptable

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-9
SLIDE 9

Lessons learned

  • Fast convergence depends on a lot of things done right:

○ Proper daemon up/down sequences: ■ UP: STPd up > MLAGd up > interface enable ■ DOWN: interface disable > MLAGd down > STPd down ○ Avoid split brain as much as possible: ■ changing LACP system id flaps bonds ■ have multiple heart beat channels between MLAG daemons

  • Failures, besides link and node down, do happen,

should not melt network. e.g. daemon crash

○ Need to fail close, e.g. monit clean up

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-10
SLIDE 10

MLAG control plane model

  • Linux kernel enforces default interface state on

MLAG enabled interfaces

  • User space MLAG daemon maintains MLAG

configuration, controls the formation of MLAG and updates interface state and data path

  • Analogous to the user space Spanning Tree

model

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-11
SLIDE 11

MLAG data plane

  • L2 must never have loops, redundant

paths are blocked

  • But want to utilize all links, cannot

block Answer…..

  • Make the links appear logically the

same for the protocols that are supposed to protect you!

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-12
SLIDE 12

MLAG data plane rules

  • same packet is not delivered to a node more

than once

  • packet sourced from a dually connected node

is not delivered back to the same node This means packets crossing the ISL and destined to:

  • dually-connected links => drop
  • singly-connected links => forward

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-13
SLIDE 13

Minimum Linux kernel requirements

  • ability to set LACP system ID on bond

independent of bond mac address

  • mlag_enable attribute on bond
  • mechanism to keep member interface carrier

down independent of admin state

○ IFF_PROTO_DOWN

  • duplicate filtering of packets crossing the ISL

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-14
SLIDE 14

Interface bring up

  • user enables an mlag (bond with mlag_enable = 1)

○ bonding driver keeps the bond and all its slaves down

  • MLAG daemon puts bond in dormant interface mode to begin
  • when MLAG daemon peering is complete

○ sets mlag LACP system id on bond (802.3ad mode) ○ brings slaves up ○ LACP can run, no data traffic ○ LACP converges, bond moves from oper down to oper dormant

  • MLAG daemon verifies MLAG membership, installs egress

filter, then sets bond to oper up

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-15
SLIDE 15

Split brain handling

  • MLAG daemon pair cannot talk to each other

○ ISL down but MLAG daemons alive

  • MLAG daemon with secondary role keeps all MLAGs in

down state with IFF_PROTO_DOWN

  • IFF_PROTO_DOWN indicates to

kernel to not bring bond slaves carrier up until it is cleared

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-16
SLIDE 16

Duplicate Filtering

Packet ingress on ISL should only egress on singly connected links

  • use ebtables: -i <ISL> -o <dually connected interface> -j DROP
  • rule MUST be installed before dually connected interface is oper up
  • rule MUST be uninstalled as soon as interface becomes singly connected

One rule per dually connected interface, not scalable, especially in the case of non VLAN-aware bridge model with many bridges and many VLANs. Better if:

  • ebtables can filter on the parent interface, e.g. eth1 instead of eth1.100,

eth1.101, eth1.102….

  • r bridge driver can make use of the knowledge of which link is ISL and

which are dual-connected

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-17
SLIDE 17

Possible other Linux kernel requirements

  • interface attribute to indicate ISL
  • knowledge of the ‘dual-connectedness’ of a link
  • knowledge of mlag id of interfaces
  • bridge filtering modifications based upon above

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-18
SLIDE 18

Other important changes and considerations

  • Spanning Tree changes
  • MAC address management
  • IGMP group membership handling
  • MLAG control traffic treatment

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-19
SLIDE 19

Spanning Tree Changes

  • STP daemon connects to MLAG daemon and learns

○ which is ISL ○ singly/dually connected interfaces and their MLAG id ○ when MLAG peering is up or down

  • STP needs to run as if the two switches are one. Multiple approaches

possible: ○ master STP daemon runs the protocol and maintains full state sync with the slave STP daemon

  • r

○ each STP daemon does independent calculation. Loosely coupled, distributed processing

  • Loosely coupled model is simpler and more scalable

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-20
SLIDE 20

Spanning Tree - Loosely coupled model

  • use common bridge id (MLAG system id) when

generating BPDUs

  • only MLAG primary switch sends BPDU on dually-

connected links

  • both MLAG switches send BPDU on singly-connected

links

  • BPDU received on root port is processed and also

relayed across ISL, replace source MAC with MLAG id

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-21
SLIDE 21

MAC address management

Goals

  • reduce unknown flood
  • eliminate constant MAC moves between ISL and MLAG

Solution

  • disable learning on ISL
  • synchronize MAC addresses

○ install address learned on MLAG on one side to corresponding MLAG on the other side ○ install address learned on singly connected link on ISL on other side

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-22
SLIDE 22

IGMP Snooping

MLAG daemons synchronize between themselves:

  • IGMP group membership for dually connected links
  • mrouter port information
  • reports/queries may need to be flooded, the same duplicate

filtering rule applies

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-23
SLIDE 23

MLAG control traffic

control traffic share the ISL with data traffic, needs to be

  • given higher priority
  • independent of data traffic topology change -

use a separate VLAN device on the ISL which is not bridged

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-24
SLIDE 24

While we’re at it...

  • VLAN-aware bridge driver

○ great enhancement! ○ more work needed ■ scalability: vlan range*, per port per vlan local fdb* ■ usability: limited to single STP instance, per bridge igmp snooping control

  • Bonding driver

○ a few issues with slave active state setting and MUX machine transitions* (*patches submitted upstream)

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

slide-25
SLIDE 25

Thank You!

Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada