Page MenuHomePhabricator
Create Task
Maniphest T367732

POPs LVS : remove public vlan trunking
Open, LowPublic
Actions

Description

Similar to T367731

Now that IPIP has been rolled out to all the POPs we should be able to simplify the POPs network topology by removing now unnecessary configuration/links.

Slight drawback here is that in ulsfo/eqsin LVS traffic towards public hosts (if any) will hair-pin through the routers and back to the switches.
As a reminder, the CP servers are on the private vlan, so they won't be impacted. This also doesn't happen in drmrs/esams/magru as routing between vlans happens on the switches.

As no physical changes need to be done, it can be rolled back easily if any issues.
Steps along the lines of:

  1. Depool the site
  2. Remove the vlan and and IP config on the LVS
  3. Remove the vlan trunking on the switch
  4. Check monitoring (make sure health checks are still working)
  5. Repool the site

Related Objects

Event Timeline

ayounsi created this task.Jun 17 2024, 11:12 AM
Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptJun 17 2024, 11:12 AM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
ayounsi triaged this task as Low priority.Jun 17 2024, 3:03 PM
cmooney added a comment.Jun 17 2024, 3:17 PM

Slight drawback here is that in ulsfo/eqsin LVS traffic towards public hosts (if any) will hair-pin through the routers and back to the switches.

I think that's probably not a major issue in this limited case so +1 from me.

ayounsi moved this task from Backlog to This quarter on the netops board.Sep 11 2025, 9:42 AM
ayounsi moved this task from This quarter to Next quarter on the netops board.
ayounsi assigned this task to ssingh.Nov 18 2025, 8:50 AM
ayounsi added a subscriber: ssingh.

@ssingh started working on this with https://gerrit.wikimedia.org/r/1206424 in T410047: No free IPs on public1-ulsfo vlan (Nov 2025) boldly assigning the task to him :)

ayounsi mentioned this in T410047: No free IPs on public1-ulsfo vlan (Nov 2025).Nov 18 2025, 8:53 AM
ssingh added a comment.Nov 18 2025, 6:49 PM

Related: T410411.

ssingh added a comment.Nov 18 2025, 6:51 PM
In T367732#11382492, @ayounsi wrote:

@ssingh started working on this with https://gerrit.wikimedia.org/r/1206424 in T410047: No free IPs on public1-ulsfo vlan (Nov 2025) boldly assigning the task to him :)

For step 3, we will need the help of netops folks. Should we perhaps set up a dedicated time for this?

cmooney added a comment.Nov 19 2025, 2:14 PM

To confirm all that remains to be done is have someone on-site remove this cable:

https://netbox.wikimedia.org/dcim/interfaces/27216/trace/

(assuming it actually reflects reality, but Netbox should reflect reality so.....)

ayounsi moved this task from Next quarter to This quarter on the netops board.Dec 1 2025, 12:18 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits