Skip to content

Instantly share code, notes, and snippets.

@scyto

scyto/proxmox-tb-net.md

Last active June 20, 2024 22:22
Show Gist options
  • Save scyto/67fdc9a517faefa68f730f82d7fa3570 to your computer and use it in GitHub Desktop.
Save scyto/67fdc9a517faefa68f730f82d7fa3570 to your computer and use it in GitHub Desktop.
Download ZIP
Thunderbolt Networking Setup
Raw
proxmox-tb-net.md

Thunderbolt Networking

this gist is part of this series

NOTE FOR THIS TO BE RELIABLE ON NODE RESTARTS YOU WILL NEED PROXMOX KERNEL 6.2.16-14-pve OR HIGER

This fixes issues i bugged with the thunderbolt / thunderbolt-net maintainers (i will take everyones thanks now, lol)

Install LLDP - this is great to see what nodes can see which.

  • install lldpctl with apt install lldpd

Load Kernel Modules

  • add thunderbolt and thunderbolt-net kernel modules (this must be done all nodes - yes i know it can sometimes work withoutm but the thuderbolt-net one has interesting behaviou' so do as i say - add both ;-)
    1. nano /etc/modules add modules at bottom of file, one on each line
    2. save using x then y then enter

Prepare /etc/network/interfaces

doing this means we don't have to give each thunderbolt a manual IPv6 addrees and that these addresses stay constant no matter what Add the following to each node using nano /etc/network/interfaces

If you see any sections called thunderbolt0 or thunderbol1 delete them at this point.

Now add the following (note we will set IP addresses in the UI):

allow-hotplug en05
iface en05 inet manual
       mtu 65520

iface en05 inet6 manual
        mtu 65520

allow-hotplug en06
iface en06 inet manual
        mtu 65520

iface en06 inet6 manual
        mtu 65520

If you see any thunderbol sections delete them from the file before you save it.

Rename Thunderbolt Connections

This is needed as proxmox doesn't recognize the thunderbolt interface name. There are various methods to do this. This method was selected after trial and error because:

  • the thunderboltX naming is not fixed to a port (it seems to be based on sequence you plug the cables in)
  • the MAC address of the interfaces changes with most cable insertion and removale events

  1. use udevadm monitor command to find your device IDs when you insert and remove each TB4 cable. Yes you can use other ways to do this, i recommend this one as it is great way to understand what udev does - the command proved more useful to me than the syslog or lspci command for troublehsooting thunderbolt issues and behavious. In my case my two pci paths are 0000:00:0d.2and 0000:00:0d.3 if you bought the same hardware this will be the same on all 3 units. Don't assume your PCI device paths will be the same as mine.

  2. create a link file using nano /etc/systemd/network/00-thunderbolt0.link and enter the following content:

[Match]
Path=pci-0000:00:0d.2
Driver=thunderbolt-net
[Link]
MACAddressPolicy=none
Name=en05
  1. create a second link file using nano /etc/systemd/network/00-thunderbolt1.link and enter the following content:
[Match]
Path=pci-0000:00:0d.3
Driver=thunderbolt-net
[Link]
MACAddressPolicy=none
Name=en06

Set Interfaces to UP on reboots and cable insertions

This section en sure that the interfaces will be brought up at boot or cable insertion with whatever settings are in /etc/network/interfaces - this shouldn't need to be done, it seems like a bug in the way thunderbolt networking is handled (i assume this is debian wide but haven't checked).

  1. create a udev rule to detect for cable insertion using nano /etc/udev/rules.d/10-tb-en.rules with the following content:
ACTION=="move", SUBSYSTEM=="net", KERNEL=="en05", RUN+="/usr/local/bin/pve-en05.sh"
ACTION=="move", SUBSYSTEM=="net", KERNEL=="en06", RUN+="/usr/local/bin/pve-en06.sh"

  1. save the file

  2. create the first script referenced above using nano /usr/local/bin/pve-en05.sh and with the follwing content:

#!/bin/bash

# this brings the renamed interface up and reprocesses any settings in /etc/network/interfaces for the renamed interface
/usr/sbin/ifup en05

save the file and then

  1. create the second script referenced above using nano /usr/local/bin/pve-en06.sh and with the follwing content:
#!/bin/bash

# this brings the renamed interface up and reprocesses any settings in /etc/network/interfaces for the renamed interface
/usr/sbin/ifup en06

and save the file

  1. make both scripts executable with chmod +x /usr/local/bin/*.sh
  2. Reboot (restarting networking, init 1 and init 3 are not good enough, so reboot)

Enabling IP Connectivity

proceed to the next gist

@nicedevil007
Copy link

So you guess it is not needed anymore to use the iface lo:6 anymore?
Yesterday I was able to get it up and running with IPv6 but I would love to just use IPv4 ofc... so much easier to understand (at least for me).

@nicedevil007
Copy link

@scyto

Tip

today I figured out what is the best way to make sure everything is getting up and working again. (because I didn't know how to troubleshoot in the past I made about 4-5 reinstalls of my whole NUC Cluster.... that leads me to my own private gitea repo where I can copy paste most of the commands in a more easy way than here).

If you mind using this or even change parts of your commands, I want to post it here. Some parts are taken from other users ideas here.

Caution

This is done with the Intel NUCs that @scyto is using! I took the same IP-addresses/interface names.
It is all done with ONLY IPv4. No need for IPv6.

How to get Thunderbolt Network up and running

Main idea is from here, but I like to be able to copy paste a bit more comfortable.

Assumptions

This manual was used on Intel NUC 13th generation with 2 TB4 Ports.

On all Nodes

Optional package to track which node can see which other one.

apt install -y lldpd

Mandatory packages.

apt install -y lsb-release
curl -s https://deb.frrouting.org/frr/keys.gpg | sudo tee /usr/share/keyrings/frrouting.gpg > /dev/null
FRRVER="frr-stable"
echo deb '[signed-by=/usr/share/keyrings/frrouting.gpg]' https://deb.frrouting.org/frr \
     $(lsb_release -s -c) $FRRVER | sudo tee -a /etc/apt/sources.list.d/frr.list
apt update
apt install -y frr

Add kernel modules.

# remove empty lines
sed '/^$/d' /etc/modules > temp.txt && mv temp.txt /etc/modules

# add modules
tee -a /etc/modules <<EOF
thunderbolt
thunderbolt-net
EOF

Add the thunderbolt links.

tee -a /etc/systemd/network/00-thunderbolt0.link <<EOF
[Match]
Path=pci-0000:00:0d.2
Driver=thunderbolt-net
[Link]
MACAddressPolicy=none
Name=en05
EOF

tee -a /etc/systemd/network/00-thunderbolt1.link <<EOF
[Match]
Path=pci-0000:00:0d.3
Driver=thunderbolt-net
[Link]
MACAddressPolicy=none
Name=en06
EOF

Automatic setup of interface to be up after reboot or cable insertion.

tee -a /etc/udev/rules.d/10-tb-en.rules <<EOF
ACTION=="move", SUBSYSTEM=="net", KERNEL=="en05", RUN+="/usr/local/bin/pve-en05.sh"
ACTION=="move", SUBSYSTEM=="net", KERNEL=="en06", RUN+="/usr/local/bin/pve-en06.sh"
EOF

tee -a /usr/local/bin/pve-en05.sh <<EOF
#!/bin/bash
/usr/sbin/ifup en05
EOF

tee -a /usr/local/bin/pve-en06.sh <<EOF
#!/bin/bash
/usr/sbin/ifup en06
EOF

chmod +x /usr/local/bin/pve-en05.sh
chmod +x /usr/local/bin/pve-en06.sh

Enable IPv4 forwarding.

sed -i "s/\#net.ipv4.ip_forward\=1/net.ipv4.ip_forward\=1/" /etc/sysctl.conf

Presetup and configuration of FRR.

sed -i "s/fabricd=no/fabricd=yes/" /etc/frr/daemons
systemctl restart frr

Make sure interface is coming up!
Idea coming from here => https://gist.github.com/scyto/67fdc9a517faefa68f730f82d7fa3570?permalink_comment_id=5077802#gistcomment-5077802

tee -a /usr/local/bin/restart-frr.sh <<EOF
#!/bin/sh
# Delayed start script to tell frr to reload ensuring that it sees thunderbolt links towards other nodes.
# condition: is there any tbt network interface and frr service up
COUNTER=0
while [ ${COUNTER} -lt 5 ]; do
        sleep 1;
        TEST=$(ip a | grep ": en0" | grep "UP" | awk 'BEGIN { ORS=""}; {print $2}')
        if [ ${#TEST} -ge 2 ]; then
                TEST_SVC=$(service frr status | grep "active (running)")
                if [ ${#TEST_SVC} -ge 2 ]; then
                        service frr reload;
                        echo "frr service reload request sent"
                        exit 0;
                fi
        fi
        COUNTER=$((COUNTER+1));
done
echo "Failed to request frr service reload: request NOT sent"
exit 1;
EOF
chmod +x /usr/local/bin/restart-frr.sh

# create systemd service and make it autoboot
tee -a /etc/systemd/system/frr-restarter.service <<EOF
[Unit]
After=network.target

[Service]
ExecStart=/usr/local/bin/restart-frr.sh

[Install]
WantedBy=default.target
EOF

systemctl daemon-reload
systemctl enable frr-restarter

Different settings per Node!

Adjust the /etc/network/interfaces. Remove any section that belongs to any auto added thunderbolt0 or thunderbolt1 interface.

Node 1

sed -i '/iface lo inet loopback/a\
\
auto lo:0\niface lo:0 inet static\n        address 10.0.0.81/32' /etc/network/interfaces
sed -i '/^source \/etc\/network\/interfaces\.d\/\*$/d' /etc/network/interfaces
sed '${/^$/d;}' /etc/network/interfaces > temp.txt && mv temp.txt /etc/network/interfaces

tee -a /etc/network/interfaces <<EOF
auto en05
allow-hotplug en05
iface en05 inet manual
       mtu 65520

auto en06
allow-hotplug en06
iface en06 inet manual
       mtu 65520
EOF

Node 2

sed -i '/iface lo inet loopback/a\
\
auto lo:0\niface lo:0 inet static\n        address 10.0.0.82/32' /etc/network/interfaces
sed -i '/^source \/etc\/network\/interfaces\.d\/\*$/d' /etc/network/interfaces
sed '${/^$/d;}' /etc/network/interfaces > temp.txt && mv temp.txt /etc/network/interfaces

tee -a /etc/network/interfaces <<EOF
allow-hotplug en05
iface en05 inet manual
       mtu 65520

allow-hotplug en06
iface en06 inet manual
       mtu 65520
EOF

Node 3

sed -i '/iface lo inet loopback/a\
\
auto lo:0\niface lo:0 inet static\n        address 10.0.0.83/32' /etc/network/interfaces
sed -i '/^source \/etc\/network\/interfaces\.d\/\*$/d' /etc/network/interfaces
sed '${/^$/d;}' /etc/network/interfaces > temp.txt && mv temp.txt /etc/network/interfaces

tee -a /etc/network/interfaces <<EOF
allow-hotplug en05
iface en05 inet manual
       mtu 65520

allow-hotplug en06
iface en06 inet manual
       mtu 65520
EOF

Open VTYSH CLI.

vtysh

Enter config mode.

configure

Node 1

ip forwarding
!
interface en05
ip router openfabric 1
exit
!
interface en06
ip router openfabric 1
exit
!
interface lo
ip router openfabric 1
openfabric passive
exit
!
router openfabric 1
net 49.0000.0000.0001.00
exit
!

end
write memory
exit

# Doublecheck correct config
vtysh -c "show running-config"

Node 2

ip forwarding
!
interface en05
ip router openfabric 1
exit
!
interface en06
ip router openfabric 1
exit
!
interface lo
ip router openfabric 1
openfabric passive
exit
!
router openfabric 1
net 49.0000.0000.0002.00
exit
!

end
write memory
exit

# Doublecheck correct config
vtysh -c "show running-config"

Node 3

ip forwarding
!
interface en05
ip router openfabric 1
exit
!
interface en06
ip router openfabric 1
exit
!
interface lo
ip router openfabric 1
openfabric passive
exit
!
router openfabric 1
net 49.0000.0000.0003.00
exit
!

end
write memory
exit

# Doublecheck correct config
vtysh -c "show running-config"

Time for the reboot.

/sbin/reboot

Debugging

# shows the actual configuration
vtysh -c "show running-config"
# shows all links
vtysh -c "show openfabric topology"

@scyto
Copy link
Author

scyto commented Jun 20, 2024

@scyto
nice work, can you fork, its a little long for a comment...?

@scyto
Copy link
Author

scyto commented Jun 20, 2024

and you don't need to wait for the link to come up - just have the restart at the bottom of the /interfaces file and it should 'just work'. i have no idea why you are seeing issues unless you hardware is fundamentally different.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment