using netgraph to connect 2 physical interfaces into one virtual interface

From: Sven Willenberger (sven_at_dmv.com)
Date: 06/24/04

  • Next message: Takashi Okumura: "Re: Rate Limiting Per-Socket" 
    To: freebsd-net@freebsd.org
Date: Wed, 23 Jun 2004 18:36:04 -0400

    I am having a lot of trouble trying to make the following work (after
    some exhaustive googling etc)

    Goal: 2 interfaces (em0 and em1) to be "combined" or bonded into one
    virtual interface so as to provide both increased throughput and
    failover. Both physical ports connected to either the same or different
    switches with a virtual gateway (the configuration for which is being
    haandled separately).

    What I have tried (using netgraph) and the results:

    1) (from the ng_one2many manpage):
    ifconfig em0 up
    ifconfig em1 up
    ngctl mkpeer em0: one2many upper one
    ngctl connect em0: em0:upper lower many0
    ngctl connect em1: em0:upper lower many1
    ...etc setting promisc and autosrc per the manpage

    the em0 is then ifconfig'd with the ip address etc
    as long as em0 link is up all seems good. When the link goes down (i.e.
    disconnect the ethernet cable), then 50% packet loss occurs as it tries
    to roundrobin and fail on the down side. Not a workable solution.

    2) adapted from freebsd-security (derkweiler)
    http://www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2004-01/0084.html thread :

    ifconfig em0 promisc -arp up
    ifconfig em1 promisc -arp up
    ngctl mkpeer . eiface hook ether
    ngctl mkpeer ngeth0: one2many upper one
    ngctl connect em0: ngeth0:upper lower many0
    ngctl connect em1: ngeth0:upper lower many1
    ngctl msg em0: setautosrc 0
    ngctl msg em1: setautosrc 0
    ifconfig ngeth0 lladdr [mac addie other than 00:00:00:00:00:00]
    ifconfig ngeth0 up

    now if I ifconfig -arp the ngeth0 interface and add the default route,
    etc, I get nowhere ... no ping responses no traffic

    if I ifconfig the ngeth0 and enable arp then I can ping but get
    duplicates (actually for each reply I end up with 3 (DUP!) replies.

    also, the traffic throughput is miserable. Using scp from another
    machine on the LAN I muster around 300KB/s to this machine, 10MB/s to
    another on the same lan.

    So my question is, without trying to get into ng_fec (which I understand
    will also need hardware support on the other end -- blades, etc), how
    can I connect the 2 physical interfaces together into a virtual
    interface that proves a) respectable throughput b) "normal" traffic
    patterns via icmp, etc and c) failover in the event one or the other
    link goes down?

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Takashi Okumura: "Re: Rate Limiting Per-Socket"

    Relevant Pages