ng_fec with tap interfaces.

From: Chris Dionissopoulos[freemail] (dionch_at_freemail.gr)
Date: 11/18/04

  • Next message: Wilkinson, Alex: "Re: polling(4) rocks!" 
    To: <freebsd-net@freebsd.org>
Date: Thu, 18 Nov 2004 03:59:35 +0200

    Hello,
    I'm trying to load-balance and failover 2 lines using ng_fec.
    This is my configuraration and schema so far:
     

    LAN-----------------------clients_net
                             |
    [router1]----[box1] -----[router2]
         |\---$sp-nat-1 |\---$sp-nat-2
     (ISP1) (ISP2)
       ~\~~~~~~~~~~~~~~~~/~~~
                        nternet
     ~~~~~~\~~~~~~~~~/~~~~~~~
                    \ /
                      \ /
    -------------------------------
                             |
                             | <-----$public1,$public2
                      [ box2 ]

    Routing on Box1(freebsd5.3):
    ~~~~~~~~~~~
    IP1 thru router1 , IP2 thru router2
    ie.
    route add $public1/32 10.0.0.1 (LanIP of router1)
    route add $public2/32 10.0.1.1 (LanIP of router2)

    Interfaces:
    ~~~~~~~
    openvpn --local 10.0.0.2 --remote $public1 --dev tap0 --ifconfig 10.0.3.1 0xffffff00
    openvpn --local 10.0.1.2 --remote $public2 --dev tap1 --ifconfig 10.0.4.1 0xffffff00

    tap0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
            inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255
            ether 00:bd:18:6e:45:00
    tap1: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
            inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255
            ether 00:bd:bc:0b:49:01

    ng_fec:
    ~~~~~
    #ngctl mkpeer fec dummy fec
    #ngctl msg fec0: add_iface "tap0"
    #ngctl msg fec0: add_iface "tap1"
    #ngctl msg fec0: set_mode_inet
    #ifoconfig fec0 up
    # route add default -iface fec0

    Routing on Box2(freebsd5.3):
    ~~~~~~~~~~~
    route add $default $some_gate

    Interfaces:
    ~~~~~~~
    openvpn --local $public1 --remote $isp-nat-1 --dev tap0 --ifconfig 10.0.3.2 0xffffff00
    openvpn --local $public2 --remote $isp-nat-2 --dev tap1 --ifconfig 10.0.4.2 0xffffff00

    tap0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
             inet 10.0.3.2 netmask 0xffffff00 broadcast 10.0.3.255
            ether 00:bd:18:6d:42:00
    tap1: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
            inet 10.0.4.2 netmask 0xffffff00 broadcast 10.0.4.255
            ether 00:bd:be:3b:14:01

    ng_fec(same as box1):
    ~~~~~
    #ngctl mkpeer fec dummy fec
    #ngctl msg fec0: add_iface "tap0"
    #ngctl msg fec0: add_iface "tap1"
    #ngctl msg fec0: set_mode_inet
    #ifoconfig fec0 up
    # route add $clients_net/$clients_mask -iface fec0

    Everything works great. Traffic flows both links (for incoming and outgoing), but
    I get "fec0: failed to check status of link tap0" and "fec0: failed to check status of link tap1"
    messages on console all the time. Also, when one link goes down I start to loose half of
    of my traffic (both sides). Searching carefully ng_fec and if_tap source code I found :

    ------ng_fec.c, line 612-------------------
                    ifp = p->fec_if;
                    error = (*ifp->if_ioctl)(ifp, SIOCGIFMEDIA, (caddr_t)&ifmr);
                    if (error) {
                            printf("fec%d: failed to check status "
                                "of link %s\n", priv->unit, ifp->if_xname);
                            continue;
                    }
    --------------------------------------------

    ------------if_tap.c, line 484---------------
    static int
    tapifioctl(ifp, cmd, data)
            struct ifnet *ifp;
            u_long cmd;
            caddr_t data;
    {
            struct tap_softc *tp = (struct tap_softc *)(ifp->if_softc);
            struct ifstat *ifs = NULL;
            int s, dummy;

            switch (cmd) {
                    case SIOCSIFFLAGS: /* XXX -- just like vmnet does */
                    case SIOCADDMULTI:
                    case SIOCDELMULTI:
                            break;

                    case SIOCGIFSTATUS:
                            s = splimp();
                            ifs = (struct ifstat *)data;
                            dummy = strlen(ifs->ascii);
                            mtx_lock(&tp->tap_mtx);
                            if (tp->tap_pid != 0 && dummy < sizeof(ifs->ascii))
                                    snprintf(ifs->ascii + dummy,
                                            sizeof(ifs->ascii) - dummy,
                                            "\tOpened by PID %d\n", tp->tap_pid);
                            mtx_unlock(&tp->tap_mtx);
                            splx(s);
                            break;

                    default:
                            s = splimp();
                            dummy = ether_ioctl(ifp, cmd, data);
                            splx(s);
                            return (dummy);
            }

            return (0);
    } /* tapifioctl */

    -----------------------------------------

    It seems that ng_fec doesn't queries correctly if_tap for link state (default:-> dummy return).

    Does anyone has a workaround for this issue or any idea how to implement link-state
    mechanism in if_tap device?

    If this is imposimple (due to tap device nature) , is possible to add functions in ng_fec for an alternative
    link-state mechanism ? (arpings maybe, like linux channel bonding)

    thanks for your time,
    Chris Dionissopoulos.
     

    ____________________________________________________________________
    http://www.freemail.gr - δωρεάν υπηρεσία ηλεκτρονικού ταχυδρομείου.
    http://www.freemail.gr - free email service for the Greek-speaking.
    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Wilkinson, Alex: "Re: polling(4) rocks!"

    Relevant Pages