VLAN-aware L2 Advertisement
195 views
Skip to first unread message
Luke Davidson
Jul 1, 2023, 11:57:10 PM7/1/23
to metallb-users
Hi all,
In an L2Advertisement I see that I can specify the interfaces that should be associated. On my worker nodes, I have a vlan-aware bridge set up. I know that I could instead create vlan interfaces off of that bridge, one for each vlan, then configure each L2 advertisement in metallb to point to that specific vlan interface (br0.10, br0.20, etc.).
However, I was hoping there was a way that metallb could be told the vlan tag that should be associated with each l2advertisment, and I can then point the advertisement to the vlan aware bridge itself. This would save me from needing to create a bunch of separate vlan interfaces.
Thanks,
Luke Davidson
Luke Davidson
Jul 2, 2023, 1:01:16 AM7/2/23
to metallb-users
Hmm, I think I am misunderstanding how L2 advertisement works. As a
test, I configured the sub-interfaces for each vlan on my worker node,
then updated my l2adverisements to be limited to the appropriate
interface.
For clarity, here is the snippet from my config:
```
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: server
namespace: metallb-system
spec:
addresses:
- 10.10.40.15-10.10.40.20
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: infra
namespace: metallb-system
spec:
addresses:
- 10.10.50.15-10.10.50.20
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: server
namespace: metallb-system
spec:
ipAddressPools:
- server
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: worker1
interfaces:
- br0.40
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: infra
namespace: metallb-system
spec:
ipAddressPools:
- infra
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: worker1
interfaces:
- br0.50
```
For clarity, here is the snippet from my config:
```
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: server
namespace: metallb-system
spec:
addresses:
- 10.10.40.15-10.10.40.20
---
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
name: infra
namespace: metallb-system
spec:
addresses:
- 10.10.50.15-10.10.50.20
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: server
namespace: metallb-system
spec:
ipAddressPools:
- server
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: worker1
interfaces:
- br0.40
---
apiVersion: metallb.io/v1beta1
kind: L2Advertisement
metadata:
name: infra
namespace: metallb-system
spec:
ipAddressPools:
- infra
nodeSelectors:
- matchLabels:
kubernetes.io/hostname: worker1
interfaces:
- br0.50
```
I've deployed a test pod with the `metallb.universe.tf/address-pool: server` annotation. I've confirmed it is using the correct "server" address pool yet, I don't have connectivity to the assigned IP. If I get a shell into the pod, I do have connectivity. I ran a tcpdump on the host and found that the traffic is going out of the br0.50 interface instead of br0.40. Because of this behavior, I tried another test pod in the "infra" ip address pool. The traffic also went out br0.50 so I have connectivity as expected. On the worker node, br0.50 is configured with an IP address as it is the management interface. There is no IP assigned for br0.40. Does metallb require the network interface have an IP to work with an L2 advertisement?
Thanks,
Luke Davidson
Reply all
Reply to author
Forward
0 new messages