[2.1+] Cannot create a bridge on an interface that also has VLAN interfaces

Hi,

Thanks for filing a bug.

Are you experiencing any networking issues with the above configuration or is your question about the format of the output?

If networking isn't functioning, please describe what's not working.

As for the formatting of the stanzas, that is by design. The ifenslave documentation mentions that in the case that if the master interface is not available, the bond will be setup with bond-* options on the slaves; thus to ensure the correct bond configuration, the slaves should include the same bond-options as the master.

From: /usr/share/doc/ifenslave/README.Debian.gz

"You can set additional bonding options by adding them to the interface
section:

        bond-mode active-backup

This would run the bonding device in active backup mode with eth0 as primary.

If the master interface is not available at the time the first slave is setup,
it will be created and setup according to bond-* options in the *slave* stanza.
For this reason, in order to get consistent results, the values of all the
bond-* options should normally be identical in the master stanza and in all the
possible slave stanzas. However, there exists some good reasons to have
different options in different stanza, for example, to change the primary slave
when hotpluging a new slave.
"

Ryan Thank you for your clarification. My networking works fine so far i was referring to the output format. I never saw it before i thought it is not the expected behavior.

But i noticed something else a bit relevant. If we apply my networking scenario which consists of
1. creating one LACP bond ("bond0")
2. creating two network VLAN interfaces on the bond ("bond0.10, bond0.20")
3. creating two network bridge each on one network VLAN ("br-mgmt, br-storage")

Using MAAS UI or CLI works fine but if i want to add another bridge directly on the bond ("bond0") MAAS will deny it:

parent=$(maas $maas_profile interfaces read $system_id|jq -r --arg name "bond0" '.[] | if .name == $name then .id else empty end')
vlan_id=$(maas $maas_profile interfaces read dbcb8d|jq -r --arg name "bond0" '.[] | if .name == $name then .vlan.id else empty end')
maas $maas_profile interfaces create-bridge $system_id name=$bridge vlan=$vlan_id parent=$parent mtu=9000

if i correctly remember the error message is (i cannot apply the above commands because the nodes are on deployed state now):

[error: interface already in use]

I think you can easily check this use case and i think it would be helpful to have additional bridges on an interface that is already connected to VLAN interfaces

Thank you,
Hamza

On Fri, Feb 3, 2017 at 2:47 AM, Hamza <email address hidden> wrote:

> Ryan Thank you for your clarification. My networking works fine so far i
> was referring to the output format. I never saw it before i thought it
> is not the expected behavior.
>
> But i noticed something else a bit relevant. If we apply my networking
> scenario which consists of
> 1. creating one LACP bond ("bond0")
> 2. creating two network VLAN interfaces on the bond ("bond0.10, bond0.20")
> 3. creating two network bridge each on one network VLAN ("br-mgmt,
> br-storage")
>
> Using MAAS UI or CLI works fine but if i want to add another bridge
> directly on the bond ("bond0") MAAS will deny it:
>
> parent=$(maas $maas_profile interfaces read $system_id|jq -r --arg name
> "bond0" '.[] | if .name == $name then .id else empty end')
> vlan_id=$(maas $maas_profile interfaces read dbcb8d|jq -r --arg name
> "bond0" '.[] | if .name == $name then .vlan.id else empty end')
> maas $maas_profile interfaces create-bridge $system_id name=$bridge
> vlan=$vlan_id parent=$parent mtu=9000
>
> if i correctly remember the error message is (i cannot apply the above
> commands because the nodes are on deployed state now):
>
> [error: interface already in use]
>
>
> I think you can easily check this use case and i think it would be helpful
> to have additional bridges on an interface that is already connected to
> VLAN interfaces
>

Hi Hamza,

If I understand you correctly, you would like to have an additional bridge,
like so

auto br-extra
iface br-extra inet manual
    mtu 9000
    bridge_ports bond0

That should be possible. I'm not familiar with the maas UI/CLI for
creating bridges over other devices, but it appears that in your
config you're already doing that, for example:

auto br-mgmt
iface br-mgmt inet static
    address 172.29.236.31/24
    mtu 9000
    bridge_ports bond0.10
    bridge_fd 15
    hwaddress ether e0:07:1b:f7:fe:f1

Looks like MAAS is blocking that because it tries to not allow you to create an invalid configuration. I think in this case you are correct in that MAAS is being to strict.

Hi Ryan,

Yes, i want to have an additional bridge just like you pointed but that cannot happen if the interface (bond0 in my case) already has a VLAN interface (bond0.10 or bond0.20 in my case).

Just like Blake Rouse pointed.

Regards,
Hamza

Hi,

I would like to add another note regarding the order in which the network interfaces should be formatted.

If you notice the interfaces order in /etc/network/interfaces file in my first message, just underneath "bond0" there are the bridges and then the VLAN interfaces but i would be better and make more sense if we have VLAN interfaces before the bridges because the bridges depend on the VLAN interfaces.

This is the order of the creation:

1. bond0
2. VLAN interfaces
3. bridges

This is just about making /etc/network/interfaces content reflects the order of issuing the MAAS commands

Thank you,
Hamza