[DRBD-user] DRBD9: full-mesh and managed resources

Lars Ellenberg lars.ellenberg at linbit.com
Wed Aug 31 15:06:08 CEST 2016

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

On Mon, Aug 22, 2016 at 10:43:18AM +0200, Roberto Resoli wrote:
> Il 18/08/2016 14:03, Veit Wahlich ha scritto:
> > Am Donnerstag, den 18.08.2016, 12:33 +0200 schrieb Roberto Resoli:
> >> Il 18/08/2016 10:09, Adam Goryachev ha scritto:
> >>> I can't comment on the DRBD related portions, but can't you add both
> >>> interfaces on each machine to a single bridge, and then configure the IP
> >>> address on the bridge. Hence each machine will only have one IP address,
> >>> and the other machines will use their dedicated network to connect to
> >>> it. I would assume the overhead of the bridge inside the kernel would be
> >>> minimal, but possibly not, so it might be a good idea to test it out.
> >>
> >> Very clever suggestion!
> >>
> >> Many thanks, will try and report.
> > 
> > If you try this, take care to enable STP on the bridges, or this will
> > create loops.
> 
> Yes, this worked immediately as aspected.
> 
> > Also STP will give you redundancy in case a link breaks and will try to
> > determine the shortest path between nodes.
> 
> I confirm. With three nodes and three links of course stp blocks one of
> the three links, with root bridge forwording traffing between the other two.
> 
> It is possible to control which bridge becomes root using the parameter
> "bridgeprio" of brctl.
> 
> > But the shortest link is not guaranteed. Especially after recovery from
> > a network link failure.
> > You might want to monitor each node for the shortest path.
> 
> Using stp of course has the side effect of not using one of the three
> links (it is the price to pay for failover).
> 
> I tried to disable stp, blocking at the same time (with a simple ebtable
> rule) the forwardings through the bridge in order to avoid
> loops/broadcast storms. In the resulting topology every link carries
> only the traffic of the two nodes it connects (at the expense of having
> no failover).
> 
> it is very handy to monitor that all is working correctly using:
> 
> watch brctl showstp <bridge_name>
> 
> and
> 
> watch brctl showmacs <bridge_name>
> 
> I post here the configuration I ended up to use, for reference:
> (I put it in a "drbd-interfaces" file, referenced in
> "/etc/network/interfaces" using the "source" directive)
> 
> =======
> auto drbdbr
> iface drbdbr inet static
>         address  <ip_of_this_drbd_node>
>         netmask  255.255.255.0
>         bridge_ports eth2 eth3
>         bridge_stp off
>         bridge_ageing 30
>         bridge_fd 5
> # Only with stp on
>       # node1 and node2 are preferred
>         #bridge_bridgeprio 1000
> # Only with stp off
> 	pre-up ifconfig eth2 mtu 9000 && ifconfig eth3 mtu 9000
>         up  ebtables -I FORWARD --logical-in drbdbr -j DROP
>         down ebtables -D FORWARD --logical-in drbdbr -j DROP
> ======

Instead of bridging,
explicit routes could be an other option.
ip route add .../.. dev ...

    Lars

More information about the drbd-user mailing list