From owner-freebsd-net@FreeBSD.ORG Thu Nov 18 02:00:25 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 858E216A4CE for ; Thu, 18 Nov 2004 02:00:25 +0000 (GMT) Received: from smtp.freemail.gr (smtp.freemail.gr [213.239.180.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id DBB8743D49 for ; Thu, 18 Nov 2004 02:00:24 +0000 (GMT) (envelope-from dionch@freemail.gr) Received: by smtp.freemail.gr (Postfix, from userid 101) id 00739BC1DF; Thu, 18 Nov 2004 04:00:22 +0200 (EET) Received: from acer1501 (dslcustomer625.vivodi.gr [80.76.58.117])by smtp.freemail.gr (Postfix) with ESMTP id 925E0BC023for ; Thu, 18 Nov 2004 04:00:21 +0200 (EET) Message-ID: <002f01c4cd12$427b78b0$0100000a@acer1501> From: "Chris Dionissopoulos[freemail]" To: Date: Thu, 18 Nov 2004 03:59:35 +0200 MIME-Version: 1.0 Content-Type: text/plain;format=flowed;charset="iso-8859-7"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 Subject: ng_fec with tap interfaces. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Chris Dionissopoulos\[freemail\]" List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2004 02:00:25 -0000 Hello, I'm trying to load-balance and failover 2 lines using ng_fec. This is my configuraration and schema so far: LAN-----------------------clients_net | [router1]----[box1] -----[router2] |\---$sp-nat-1 |\---$sp-nat-2 (ISP1) (ISP2) ~\~~~~~~~~~~~~~~~~/~~~ nternet ~~~~~~\~~~~~~~~~/~~~~~~~ \ / \ / ------------------------------- | | <-----$public1,$public2 [ box2 ] Routing on Box1(freebsd5.3): ~~~~~~~~~~~ IP1 thru router1 , IP2 thru router2 ie. route add $public1/32 10.0.0.1 (LanIP of router1) route add $public2/32 10.0.1.1 (LanIP of router2) Interfaces: ~~~~~~~ openvpn --local 10.0.0.2 --remote $public1 --dev tap0 --ifconfig 10.0.3.1 0xffffff00 openvpn --local 10.0.1.2 --remote $public2 --dev tap1 --ifconfig 10.0.4.1 0xffffff00 tap0: flags=28943 mtu 1500 inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255 ether 00:bd:18:6e:45:00 tap1: flags=28943 mtu 1500 inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255 ether 00:bd:bc:0b:49:01 ng_fec: ~~~~~ #ngctl mkpeer fec dummy fec #ngctl msg fec0: add_iface "tap0" #ngctl msg fec0: add_iface "tap1" #ngctl msg fec0: set_mode_inet #ifoconfig fec0 up # route add default -iface fec0 Routing on Box2(freebsd5.3): ~~~~~~~~~~~ route add $default $some_gate Interfaces: ~~~~~~~ openvpn --local $public1 --remote $isp-nat-1 --dev tap0 --ifconfig 10.0.3.2 0xffffff00 openvpn --local $public2 --remote $isp-nat-2 --dev tap1 --ifconfig 10.0.4.2 0xffffff00 tap0: flags=28943 mtu 1500 inet 10.0.3.2 netmask 0xffffff00 broadcast 10.0.3.255 ether 00:bd:18:6d:42:00 tap1: flags=28943 mtu 1500 inet 10.0.4.2 netmask 0xffffff00 broadcast 10.0.4.255 ether 00:bd:be:3b:14:01 ng_fec(same as box1): ~~~~~ #ngctl mkpeer fec dummy fec #ngctl msg fec0: add_iface "tap0" #ngctl msg fec0: add_iface "tap1" #ngctl msg fec0: set_mode_inet #ifoconfig fec0 up # route add $clients_net/$clients_mask -iface fec0 Everything works great. Traffic flows both links (for incoming and outgoing), but I get "fec0: failed to check status of link tap0" and "fec0: failed to check status of link tap1" messages on console all the time. Also, when one link goes down I start to loose half of of my traffic (both sides). Searching carefully ng_fec and if_tap source code I found : ------ng_fec.c, line 612------------------- ifp = p->fec_if; error = (*ifp->if_ioctl)(ifp, SIOCGIFMEDIA, (caddr_t)&ifmr); if (error) { printf("fec%d: failed to check status " "of link %s\n", priv->unit, ifp->if_xname); continue; } -------------------------------------------- ------------if_tap.c, line 484--------------- static int tapifioctl(ifp, cmd, data) struct ifnet *ifp; u_long cmd; caddr_t data; { struct tap_softc *tp = (struct tap_softc *)(ifp->if_softc); struct ifstat *ifs = NULL; int s, dummy; switch (cmd) { case SIOCSIFFLAGS: /* XXX -- just like vmnet does */ case SIOCADDMULTI: case SIOCDELMULTI: break; case SIOCGIFSTATUS: s = splimp(); ifs = (struct ifstat *)data; dummy = strlen(ifs->ascii); mtx_lock(&tp->tap_mtx); if (tp->tap_pid != 0 && dummy < sizeof(ifs->ascii)) snprintf(ifs->ascii + dummy, sizeof(ifs->ascii) - dummy, "\tOpened by PID %d\n", tp->tap_pid); mtx_unlock(&tp->tap_mtx); splx(s); break; default: s = splimp(); dummy = ether_ioctl(ifp, cmd, data); splx(s); return (dummy); } return (0); } /* tapifioctl */ ----------------------------------------- It seems that ng_fec doesn't queries correctly if_tap for link state (default:-> dummy return). Does anyone has a workaround for this issue or any idea how to implement link-state mechanism in if_tap device? If this is imposimple (due to tap device nature) , is possible to add functions in ng_fec for an alternative link-state mechanism ? (arpings maybe, like linux channel bonding) thanks for your time, Chris Dionissopoulos. ____________________________________________________________________ http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου. http://www.freemail.gr - free email service for the Greek-speaking.