Document and warn that mirroring to a VLAN is incompatible with SLB bonding.

vswitchd/INTERNALS explains the incompatibility:

   2. When Open vSwitch forwards a multicast or broadcast packet to a
      link in the SLB bond other than the active slave, the remote
      switch will forward it to all of the other links in the SLB
      bond, including the active slave.  Without special handling,
      this would mean that Open vSwitch would forward a second copy of
      the packet to each switch port (other than the bond), including
      the port that originated the packet.

      Open vSwitch deals with this case by dropping packets received
      on any SLB bonded link that have a source MAC+VLAN that has been
      learned on any other port.  (This means that SLB as implemented
      in Open vSwitch relies critically on MAC learning.  Notably, SLB
      is incompatible with the "flood_vlans" feature.)

We could go farther than this and automatically change the bonding mode to
a safer one (e.g. active-backup) when flood_vlans are enabled.  However,
that would still leave the SLB fallback for LACP modes in place; perhaps
active-backup would have to be the fallback for LACP modes when flood_vlans
are enabled.

diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index 6a4ebe58d2741155e9d679f41c92a34229019207..6491590a9c3075fbf7b7475349f2c1dc0b2b038b 100644 (file)
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -2256,6 +2256,11 @@ port_configure_bond(struct port *port, struct bond_settings *s,
                   port->name, port->cfg->bond_mode,
                   bond_mode_to_string(s->balance));
     }
+    if (s->balance == BM_SLB && port->bridge->cfg->n_flood_vlans) {
+        VLOG_WARN("port %s: SLB bonds are incompatible with flood_vlans, "
+                  "please use another bond type or disable flood_vlans",
+                  port->name);
+    }
 
     miimon_interval = atoi(get_port_other_config(port->cfg,
                                                  "bond-miimon-interval", "0"));

diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index bcabef5677e672a63eb170ca85b73541ad2bd464..b8aa813c954b4daeab0c749d5982b79a0031f9d2 100644 (file)
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -334,11 +334,19 @@
       </column>
 
       <column name="flood_vlans">
-        VLAN IDs of VLANs on which MAC address learning should be disabled, so
-        that packets are flooded instead of being sent to specific ports that
-        are believed to contain packets' destination MACs.  This should
-        ordinarily be used to disable MAC learning on VLANs used for mirroring
-        (RSPAN VLANs).  It may also be useful for debugging.
+        <p>
+          VLAN IDs of VLANs on which MAC address learning should be disabled,
+          so that packets are flooded instead of being sent to specific ports
+          that are believed to contain packets' destination MACs.  This should
+          ordinarily be used to disable MAC learning on VLANs used for
+          mirroring (RSPAN VLANs).  It may also be useful for debugging.
+        </p>
+        <p>
+          SLB bonding (see the <ref table="Port" column="bond_mode"/> column in
+          the <ref table="Port"/> table) is incompatible with
+          <code>flood_vlans</code>.  Consider using another bonding mode or
+          a different type of mirror instead.
+        </p>
       </column>
     </group>