I would like to pass VLAN tagged traffic and untagged traffic on multiple bridges on a Supermicro SSE-X3648. I am aware of a vlan-aware mode for bridges, but as I understand it, only one vlan-aware bridge can be present on the switch at any one time. I have tested vlan-aware bridging and am looking for a way to capture the vlan-aware behavior(passing all traffic regardless of tag) on multiple bridges up to 27 individual bridges.
I do see a flag that can be set in ifupdown2.conf:
# By default ifupdown2 only supports a single vlan filtering bridge# on the system. Set this flag to 1 to support multiple vlan
# filtering bridges
Setting this flag does not appear to affect the behavior of the switch.
I came to the conclusion that I could not have multiple vlan-aware bridges and sought a less desirable solution. This involved specifying which individual vlans I would like to pass and adding the subinterfaces to separate bridges. For example, if I want to pass VLANs 1-10 between ports swp1 and swp2 I would write the following:
bridge-ports swp2 swp1
bridge-ports swp2.1 swp1.1
bridge-ports swp2.2 swp1.2
bridge-ports swp2.3 swp1.3
bridge-ports swp2.4 swp1.4
bridge-ports swp2.5 swp1.5
bridge-ports swp2.6 swp1.6
bridge-ports swp2.7 swp1.7
bridge-ports swp2.8 swp1.8
bridge-ports swp2.9 swp1.9
bridge-ports swp2.10 swp1.10
Thus creating 11 bridges. In order to determine the maximum VLAN range I can support in this fashion, I settled upon 200 after reading this document. I then made 27 connections in this fashion which results in 201 bridges per connection for a total of 5427 bridges. It took a while for the setup to complete and unfortunately the bridges do not pass traffic. I then continued to reduce the number of VLANs on each bridge until I found a number that will pass traffic over all the bridges. I came up with 16. According to my math, the total number of interfaces created in this fashion is thus:
(Vlans+1)*(ports per bridge +1)*(total number of bridges)=total interfaces
So in my example of 27 bridge with 16 VLANs, I created 1326 interfaces. It appears that I cannot add many more interfaces before switch behavior is compromised(traffic does not pass).
Now for the bad news, no error is thrown when exceeding this limit. If I check switchd.log I see:
cumulus switchd: hal_bcm.c:7294 CRIT Internal vlans exhausted
2016-09-09T17:30:10.757909+00:00 cumulus switchd: hal_bcm.c:6010 CRIT Cannot allocate bridge vlan for bridge id 12972
This seems like something that should not just be logged, but an error that should be handled. The switch shows the bridge as up and configured correctly which is misleading.
Phew, lot of text. I am finally at the point where I can ask my question. Since I know that a Broadcom Trident 2 can handle passing tagged and untagged traffic between multiple connections, can I use Cumulus Linux to control the chip in a way that creates multiple connections passing traffic regardless of VLAN tag? If not, is there a scheme that is less interface intensive? Am I right that the total interface count is the problem or is there some other limiting factor?
Thanks for reading.