Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | |||
|
fuss:networking [2018/08/03 10:11] office [Determining Open Outbound Ports] |
fuss:networking [2020/05/16 23:55] (current) office [Determine ISP Address Blocks] |
||
|---|---|---|---|
| Line 319: | Line 319: | ||
| 2a01:5a80::/32 | 2a01:5a80::/32 | ||
| </code> | </code> | ||
| + | |||
| + | ====== Solving Issues with PXE Servers not Working with Network Bridges with Spanning Tree Protocol Enabled ====== | ||
| + | |||
| + | A typical scenario of a non-working PXE server is a PXE server that has been set up on a Linux server running virtual machines that automatically join an STP-enabled network bridge once the virtual machine boots. | ||
| + | |||
| + | The phenomenon is due to STP itself that runs through various stages (''Blocking'', ''Listening'', ''Learning'') before reaching the ''Forwarding'' state. When the virtual machine adds its interface to the STP-enabled bridge, the bridge switches to the ''Learning'' state, where, by default, the bridge spends at least 10 seconds (on Linux). For 10 seconds, the STP-enabled networking bridge will listen to packets and learn the new topology introduced by the addition of the interface. libvirt virtual machines run SeaBIOS as the default BIOS and, at version ''1.12'', the PXE boot code does not wait sufficiently for the bridge to switch to the ''Forwarding'' state and the network interface will not even be configured. | ||
| + | |||
| + | Cisco routers have a (nasty) hack named ''portfast'' that can be set on a bridge that, when enabled, will skip over the ''Learning'' stage of the bridge and commute directly into the ''Forwarding'' state. Since the bridge will immediately forward packets, the issues with libvirt virtual machines should be resolved. | ||
| + | |||
| + | In order to resolve the issue, STP can be turned off for the entire bridge: | ||
| + | <code bash> | ||
| + | brctl stp br0 off | ||
| + | </code> | ||
| + | but that means losing the extra benefits of having the STP protocol. | ||
| + | |||
| + | Instead, and even better than Cisco ''portfast'', the forwarding delay can be lowered sufficiently for the SeaBIOS PXE boot code to obtain an IP address via DHCP: | ||
| + | |||
| + | <code bash> | ||
| + | brctl setfd br0 2 | ||
| + | </code> | ||
| + | where: | ||
| + | * ''2'' is the number of seconds to spend in the ''Learning'' state (default ''10'' seconds). | ||
| + | |||
| + | On Debian, in case the bridge is configured via ''/etc/network/interfaces'' the following changes can be made to the bridge in order to make the forwarding delay permanent: | ||
| + | <code> | ||
| + | auto br0 | ||
| + | iface br0 inet static | ||
| + | ... | ||
| + | # Enable STP | ||
| + | bridge_stp on | ||
| + | # Fix PXE with STP | ||
| + | bridge_fd 2 | ||
| + | ... | ||
| + | </code> | ||
| + | |||
| + | |||
| + | |||
fuss/networking.txt ยท Last modified: 2020/05/16 23:55 by office
For the copyright, license, warranty and privacy terms for the usage of this website please see the license, privacy and plagiarism pages.