Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Thanks for using the TrueNAS Community Edition issue tracker! TrueNAS Enterprise users receive direct support for their reports from our support portal.

When iocage jail starts, a different lagg is added to the bridge, creating network loop

Description

I have 2x 2-port laggs running LACP

lagg0 = LAN - native VLAN1
lagg1 = DMZ/Infrastructure - no native VLAN but 3 trunked VLANs

I have 3 VLANs mapped to lagg1 only:

DMZ
Infrastructure
Media

I have 3 corresponding bridges that map to their corresponding VLAN

DMZ
Infrastructure
Media

I have total 6x Jails, 1x to DMZ bridge, 3x to Infrastructure bridge, and 2x to media bridge

When I add my VMs to bridge2 (infrastructure seems most impacted by this, but same happens on other bridges too), I start seeing packet loss.

Before starting the bridge the only member is the (correct) VLAN

However after I start one of the VMs that is set to use bridge2, I note that not only do I see the VLAN as a member, but also the lagg0 device.

It's not clear to me if this is a problem in the configuration of the VMs, the bridge, the VLAN, or maybe the lagg. I have remvoed and re-added the bridges and VLANs multiple times - to realise the same impact

Problem/Justification

None

Impact

None

SmartDraw Connector

Katalon Manual Tests (BETA)

Activity

Show:

Waqar Ahmed November 22, 2019 at 4:10 PM

Perfect , glad it's resolved. Closing this issue

Andrew Barnes November 22, 2019 at 4:09 PM

Good news ... Changing the "interface" value on each jail, and restarting the jails, has fixed my issue with lagg0 being assigned to one of the bridges!

I have also done a full power-cycle and the configuration changes made hold, and the behaviour is now as expected!

Thank you very much !

Andrew Barnes November 22, 2019 at 2:58 PM

G'day ,

Thank you for your reply.

How I did the setup

From a sequencing perspective, I took the following actions:

  1. Create new interface lagg1 with members igb2 and igb3 - using. LACP as protocol

    • I note that I was not able to create the LAGG without an IP - so I used a 10.* address that is not in use on my network and a /32 netmask

  2. Defined the aggregation ports on my UniFi USW-24

    • No native VLAN

    • trunked the VLANs for the 3x networks (per my description above)

  3. Create 3x new VLAN interfaces, assigning them to lagg1 ***

    • Note - there is no IP assigned to the VLAN interface when it's created

  4. Create 3x new bridge interfaces, assigning them to their corresponding VLAN interface

    • Note - there is no IP assigned to the bridge  interface when it's created

  5. Update the configuration of the jails

    • Update the IP address to use the network address corresponding with the VLAN it's to use

    • Update the default route to use the default route of the VLAN it's to use

    • Update the "interface" property to reflect the pre-defined bridge that is created (eg. vnet0:bridge1)

  •  

    •  

      • It's worth noting that in the interface configuration when I go back to look at it, I am NOT able to see what the default interface is. Neither am I able to modify it.

Comments against your instructions

  • Yes - I did select the interface to use when creating both the VLAN and the bridge (per above)

  • I defined the bridge manually by using the configuration (will attach the screenshot in private attachments)

  • lagg0 is my default interface, which I guess is why it's being attached to the bridge.  But in fact I don't want the lagg attached to the bridge, I want the VLAN

  • I will try setting my jails to use "none" instead of "auto" for default interface and revert

Will revert soon - thank you !

Andy

Waqar Ahmed November 22, 2019 at 2:14 PM

can you please confirm if you configured which interface you want added to the bridge for VM's ? If you didn't, it is going to find the default interface and attach the VM with a bridge where default interface is a member - and if it isn't, it creates a new bridge and then adds it there. Now you can in this case select a bridge too - however that would be available in BETA2 for VM's. If you want to select a specific bridge to use right now, there are limited options:
1) Select an interface which is not added to any bridge right now ( because ideally it will not show you interfaces which are already on a bridge ). This will create a new bridge and add this selected NIC there
2) It will use the bridge which has your default interface

Moving on to Jails, you have vnet enabled jails and you have set their configuration to auto. Which means when a jail is going to start, it is going to find the default interface and the bridge you have specified and add the default interface there. Your default interface is lagg0, so unless you explicitly tell iocage to add some specific interface to the bridge specified i.e bridge66, it will add lagg0 on it's own. You can disable this automatic addition of interfaces to the bridge by specifying "none" for "vnet_default_interface" property as it would probably suit you more. You have a controlled network environment and it doesn't make sense for iocage to automatically start adding things here and there ( which does make sense for most users ).

Please let me know if you have further issues after applying the configuration i specified, I'll keep this ticket open meanwhile making sure I have not missed anything.

Dru Lavigne November 21, 2019 at 4:05 PM

please attach a debug (System -> Advanced -> Save debug) to the Private attachments section of this ticket.

Behaves as Intended
Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Labels

Components

Fix versions

Affects versions

Priority

More fields

Katalon Platform

Created November 21, 2019 at 3:51 PM
Updated July 1, 2022 at 4:47 PM
Resolved November 22, 2019 at 4:10 PM
Configure