1

Some parts / aspects of this topic have been discussed here before. Leading up to my question:

  • eth0 is the official nic of my ubuntu 12.04-server
  • eth1 is the "local=yes" port of bridge 'br1'
  • eth1/br1 have no ip address
  • all VirtualBox guest machines use Bridged Adapter: br1(/eth1)
  • all real and virtual machines are on the same subnet
  • one end of (almost) all network cables is plugged into a Netgear FS726T Smart Switch

It works well. Everyone is reaching Samba (on eth0), each other's shared folders, printer, NAS and Internet.

Prior to VirtualBox it was VMware Server who bridged all guest traffic to eth1. And prior to that, I used only one network adapter for everything. It was hell. All it took was a backup, an up/download from NAS, either from or to the host or a guest, and the mail server, remote desktop, VNC, Citrix or PuTTY sessions would drop / time out [*].

I see no storm raging but... Nonetheless, what network options should I use (or avoid!) to prevent bad and evil traffic patterns?

[*]: I just found this post here https://serverfault.com/a/136985/167502 which might have been the culprit, although it worked well after vmnet used eth1.

Community
  • 1
Andreas G
  • 11
  • 3

2 Answers2

1

Looks ok to me, shouldn't be any issues. Might be worth enabling Spanning Tree Protocol (STP) on br1, This help to stop any loops that might occur if eth0 was added to br1 for example.

This does mean that routing isn't quite optimised as the traffic would be leaving the server on eth1 to come back in to it on eth0

It looks like the switch supports IEEE802.3ad Link Aggregation, so it might be worth looking at setting this up using bonding on Linux, This would use both links for traffic to the server. eth0 and eth1 would be attached to bond1 and then add bond1 to br1. Then put the servers IP on bond1. This would mean VMs running on the host would connect directly without going via the physical NIC.
The rest of the traffic would be shared over eth0 and eth1. A single connection would only be able to max out one of the links so shouldn't affect the rest of the traffic

Epaphus
  • 1,011
  • 6
  • 8
  • Big THANK YOU ! yes, br1 adds eth0 as a local=no port. I had STP enabled on br1 and the NAT-bridge under VirtualBox control. Following your advice I also enabled it on the switch. While there I looked for the bonding options/support. Instead (?) the FS726T offers Trunking which require 2 identical speed ports. After reading the bonding mini howto I'll be seriously looking at this alternative. – Andreas G Apr 05 '13 at 14:29
  • Ah yes, I forgot some switches call IEEE802.3ad Link Aggregation "trunking". – Epaphus Apr 05 '13 at 16:08
0

Use the net_cls controller of cgroups and traffic shaping (tc) to limit the amount of network bandwidth a VM can use.

Mark Wagner
  • 17,764
  • 2
  • 30
  • 47
  • Thanks for the 'tc' suggestion. The net_cls thing must be for Windows. Was that meant to tune what I had initially? Either way I am going to learn how to benefit from tc. – Andreas G Apr 05 '13 at 13:54
  • Regarding net_cls: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Resource_Management_Guide/sec-net_cls.html – Mark Wagner Apr 05 '13 at 17:46