Linux-Bridging

-

Use case:

Want to run multiple bng-blaster instance using same physical nic interface

Problem:

1.bngblaster application dose not support associating same interface on multiple instances

2.If we create Linux bridge and associate physical interface & veth pairs we could see broadcast packets from one veth interface flooded to other veth interface (normal switch behavior)

  e.g - created bridge 'br-access' associated physical nic 'eth1' & veth interfaces veth-access1 & veth-access2

           Veth pairs : (veth-access1<--->access1)  &&  (veth-access2<--->access2)

           Here broadcast packets from access1 is flooded to access2

Solution:

Enable port isolation for veth interfaces

eg:-

bridge link set dev veth-access1 isolated on
bridge link set dev veth-access2 isolated on

Configuration:

### Access side interface ###

# Create bridge
ip link add br-access type bridge
ip link set br-access up
ip link set eno12429 master br-access
# Add veth pairs
ip link add access1 type veth peer name veth-access1
ip link add access2 type veth peer name veth-access2
ip link set veth-access1 master br-access
ip link set veth-access2 master br-access
ip link set veth-access1 up
ip link set veth-access2 up
ip link set access1 up
ip link set access2 up
# Enable port isolation for veth interfaces
bridge link set dev veth-access1 isolated on
bridge link set dev veth-access2 isolated on


### Network side interface ####

# Create bridge
ip link add br-network type bridge
ip link set br-network up
ip link set eno12409.25 master br-network
# Add veth pairs
ip link add network1 type veth peer name veth-network1
ip link add network2 type veth peer name veth-network2
ip link set veth-network1 master br-network
ip link set veth-network2 master br-network
ip link set veth-network1 up
ip link set veth-network2 up
ip link set network1 up
ip link set network2 up
# Enable port isolation for veth interfaces
bridge link set dev veth-network1 isolated on
bridge link set dev veth-network2 isolated on


Topology:







Comments

Post a Comment

Popular posts from this blog

gNMI_with_grafana on containerlabs

-
Image
  root@digi-oss:/home/labadmin/mohan/2jan26_grafana# cat sr_lab.clab.yml name: sr_lab topology:   nodes:     sr1 : {kind: nokia_srlinux, image: ghcr.io/nokia/srlinux:latest, startup-config: sr1.cfg}     sr2 : {kind: nokia_srlinux, image: ghcr.io/nokia/srlinux:latest, startup-config: sr2.cfg}     # gNMIc Collector     gnmic:       kind: linux       image: ghcr.io/openconfig/gnmic:latest       binds: [gnmic-config.yml:/app/gnmic-config.yml:ro]       cmd: "--config /app/gnmic-config.yml subscribe"     # Prometheus TSDB     prometheus:       kind: linux       image: prom/prometheus:latest       binds: [prometheus.yml:/etc/prometheus/prometheus.yml:ro]       ports: ["9090:9090"]     # Grafana Visualization     grafana:       kind: linux       image: grafa...
Read more

EVPN Route type-1 & type-4 in action

-
Image
 Route Type 1: Ethernet Auto-Discovery (A-D) A Type 1 route is advertised by a PE router on a per-Ethernet Segment Identifier (ESI) basis. It is triggered by the presence of a multihomed connection.  Purpose of Type 1 routes Aliasing:  In an all-active multihoming setup, a Type 1 route informs remote PE routers that an Ethernet segment is reachable via multiple PEs. This allows for load-balancing traffic to the same customer device over multiple paths. Fast convergence (Mass MAC Withdrawal):  If a local link to a multihomed customer device fails, the PE sends a withdrawal message for the Type 1 route. Remote PEs can then withdraw all MAC addresses associated with that Ethernet segment, instead of waiting for individual MAC withdrawals, which speeds up convergence. Split-horizon filtering:   The route carries an ESI label to prevent traffic loops in all-active mode. A PE router won't forward broadcast, unknown unicast, and multicast (BUM) traffic back to its sour...
Read more

Network Automation with ROBOT Framework

-
Image
  Folder-structure Scripts testcase_with_keywordsLibrary.robot *** Settings *** Documentation    Test Case With Keyword Resource         Resources/Keywords/common.robot Resource          Resources/Keywords/vxlanInstance.robot Test Setup        Open Connection Test Teardown    Close Connection *** Test Cases *** [Documentation] Step 1: Verify VXLAN Interface Status     VXLAN Interface Status [Documentation] Step 2: Verify VXLAN VNI to VLAN Mapping     VXLAN VNI to VLAN Mapping Resources/Keywords/common.robot *** Settings *** Documentation    Common Keyword Library Library          ../../Libraries/commonLib.py Variables        ../Variables/veosLeaf01.yaml *** Variables *** ${devType}         ${virtualBox}[vmType] ${ipAddr}          ${virtualBox}[vmManagement][hostIp] ${po...
Read more