Debian does not shut down interface with ip link set ... down

Question

I have a really specific question for a trunk-testing environment. I have this network setup:

+------------+               +------------+
|            |    +-----+    |            |
|       eth0 +----+ br0 +----+ eth0       |
|            |    +-+---+    |            |
| Guest1     |      |        |     Guest2 |
|            |    +-----+    |            |
|       eth1 +----+ br1 +----+ eth1       |
|            |    +---+-+    |            |
+------------+      | |      +------------+
                  +-+-+--+
                  | Host |
                  +------+

The KVM host serves two bridge for the guest machines (/etc/network/interfaces):

auto br0
iface br0 inet manual
  bridge_ports none
  bridge_fd 0
  bridge_stp off

auto br1
iface br1 inet manual
  bridge_ports none
  bridge_fd 0
  bridge_stp off

The guest machines connect to the switches with this configuration:

# Actual interfaces
allow-hotplug eth0 eth1
iface eth0 inet manual
iface eth1 inet manual

# Internet facing network
auto eth0.100 eth1.100
iface eth0.100 inet manual
iface eth1.100 inet manual

auto bond0
iface bond0 inet manual
  bond_mode active-backup
  bond_miimon 200
  bond_downdelay 200
  bond_updelay 200
  # Something I found to make the active secondary slave listening
  post-up echo 1 > /sys/devices/virtual/net/bond0/bonding/all_slaves_active
  slaves eth0.100 eth1.100

auto bond0.1
  address 10.110.0.10x
  netmask 255.255.0.0

# Please don't ask why the three vlan is needed.
# The bonding works only if these three are defined :\

Now my problem is the following:

The default primary slave is the eth0.100 interface on both guest. If I shut down the primary slave with the following command

$ ip link set eth0.100 down

The link goes down according to "ip link", the bond changes the primary slave, yet packets are accepted on the inactive interface. (I found it out by running "tshark -i eth1.100" and only the ping-reply messages were shown.)

If I close down the interface on the host machine, the whole communication stops between the guests. Even the bond does not recognize the change.

Additional info:

I have no IPTables/EBTables rule to block packages on this interface
I know the broadcast mode would help with all my problems, although I think it makes the communication between the two guests bloated. I'd rather not use that option.

Questions:

Why doesn't "ip link set ... down" close down the link?
Is it possible, that meddling with all_slaves_active somehow interferes with the interface status?
Is there any option I might slipped over, which makes the active-backup aware of the interface change?
(And why do I need the three VLAN to make the bonding work?)

Any reply is appreciated.

Debian does not shut down interface with ip link set ... down

0 Answers0