Date: Wed, 23 Jun 2004 18:36:04 -0400 From: Sven Willenberger <sven@dmv.com> To: freebsd-net@freebsd.org Cc: freebsd-hackers@freebsd.org Subject: using netgraph to connect 2 physical interfaces into one virtual interface Message-ID: <1088030164.29367.57.camel@lanshark.dmv.com>
next in thread | raw e-mail | index | archive | help
I am having a lot of trouble trying to make the following work (after some exhaustive googling etc) Goal: 2 interfaces (em0 and em1) to be "combined" or bonded into one virtual interface so as to provide both increased throughput and failover. Both physical ports connected to either the same or different switches with a virtual gateway (the configuration for which is being haandled separately). What I have tried (using netgraph) and the results: 1) (from the ng_one2many manpage): ifconfig em0 up ifconfig em1 up ngctl mkpeer em0: one2many upper one ngctl connect em0: em0:upper lower many0 ngctl connect em1: em0:upper lower many1 ...etc setting promisc and autosrc per the manpage the em0 is then ifconfig'd with the ip address etc as long as em0 link is up all seems good. When the link goes down (i.e. disconnect the ethernet cable), then 50% packet loss occurs as it tries to roundrobin and fail on the down side. Not a workable solution. 2) adapted from freebsd-security (derkweiler) http://www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2004-01/0084.html thread : ifconfig em0 promisc -arp up ifconfig em1 promisc -arp up ngctl mkpeer . eiface hook ether ngctl mkpeer ngeth0: one2many upper one ngctl connect em0: ngeth0:upper lower many0 ngctl connect em1: ngeth0:upper lower many1 ngctl msg em0: setautosrc 0 ngctl msg em1: setautosrc 0 ifconfig ngeth0 lladdr [mac addie other than 00:00:00:00:00:00] ifconfig ngeth0 up now if I ifconfig -arp the ngeth0 interface and add the default route, etc, I get nowhere ... no ping responses no traffic if I ifconfig the ngeth0 and enable arp then I can ping but get duplicates (actually for each reply I end up with 3 (DUP!) replies. also, the traffic throughput is miserable. Using scp from another machine on the LAN I muster around 300KB/s to this machine, 10MB/s to another on the same lan. So my question is, without trying to get into ng_fec (which I understand will also need hardware support on the other end -- blades, etc), how can I connect the 2 physical interfaces together into a virtual interface that proves a) respectable throughput b) "normal" traffic patterns via icmp, etc and c) failover in the event one or the other link goes down?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1088030164.29367.57.camel>