[CentOS] Not firewall, but what?
Jussi Hirvi
listmember at greenspot.fi
Sat May 8 07:38:43 UTC 2010
On 8.5.2010 4.31, Kahlil Hodgson wrote:
> Hmmm have you got more than one bridge on your network? If so you need
> to make sure you have STP turned ON on all your bridges.
> If you have any services that require network at start up (nfs), you'll
> need set you network start up delay to more than 10 seconds
> as well, so STP has some time to settle.
>
> I encountered similar problems when I plugged a _second_ virtualisation
> host into my network.
Turning on stp sounds promising (I have to confess that I never heard
about stp before). Stp is indeed off for both bridges:
[root at farm1 scripts]# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes
xenbr0 8000.feffffffffff no vif5.0
vif4.0
peth0
vif0.0
xenbr1 8000.feffffffffff no vif5.1
vif3.0
vif2.0
peth1
vif0.1
How can I turn stp on? In my /etc/xen/scripts/xen-network-common.sh
there is a section:
# Don't create the bridge if it already exists.
if [ ! -e "/sys/class/net/${bridge}/bridge" ]; then
brctl addbr ${bridge}
brctl stp ${bridge} off
brctl setfd ${bridge} 0
sysctl -w "net.bridge.bridge-nf-call-arptables=0"
sysctl -w "net.bridge.bridge-nf-call-ip6tables=0"
sysctl -w "net.bridge.bridge-nf-call-iptables=0"
ip link set ${bridge} arp off
ip link set ${bridge} multicast off
fi
Is if safe to turn stp "on" there (instead of "off"? (Requires xend
restart at least, I suppose.) Or is there a better way to turn stp on
permanently?
The box has 2 physical if cards, and both of them are used for bridges
(xenbr0 and xenbr1).
- Jussi
--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi at greenspot.fi * http://www.greenspot.fi
More information about the CentOS
mailing list