Site Navigation

Date:      Thu, 18 Nov 2004 03:59:35 +0200
From:      "Chris Dionissopoulos[freemail]" <dionch@freemail.gr>
To:        <freebsd-net@freebsd.org>
Subject:   ng_fec with tap interfaces.
Message-ID:  <002f01c4cd12$427b78b0$0100000a@acer1501>

---

next in thread | raw e-mail | index | archive | help

---

Hello,
I'm trying to load-balance and failover 2 lines using ng_fec.
This is my configuraration and schema so far:
 

LAN-----------------------clients_net
                         |
[router1]----[box1] -----[router2]
     |\---$sp-nat-1                  |\---$sp-nat-2
 (ISP1)                            (ISP2)
   ~\~~~~~~~~~~~~~~~~/~~~
                    nternet 
 ~~~~~~\~~~~~~~~~/~~~~~~~
                \                 /
                  \             /
-------------------------------
                         |
                         |   <-----$public1,$public2
                  [  box2  ]



Routing on Box1(freebsd5.3):
~~~~~~~~~~~
IP1 thru router1 , IP2 thru router2
ie.
route add $public1/32 10.0.0.1 (LanIP of router1)
route add $public2/32 10.0.1.1 (LanIP of router2)

Interfaces:
~~~~~~~
openvpn --local 10.0.0.2 --remote $public1 --dev tap0 --ifconfig 10.0.3.1 0xffffff00
openvpn --local 10.0.1.2 --remote $public2 --dev tap1 --ifconfig 10.0.4.1 0xffffff00

tap0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.3.1 netmask 0xffffff00 broadcast 10.0.3.255
        ether 00:bd:18:6e:45:00
tap1: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.4.1 netmask 0xffffff00 broadcast 10.0.4.255
        ether 00:bd:bc:0b:49:01

ng_fec:
~~~~~
#ngctl mkpeer fec dummy fec
#ngctl msg fec0: add_iface "tap0"
#ngctl msg fec0: add_iface "tap1"
#ngctl msg fec0: set_mode_inet
#ifoconfig fec0 up
# route add default -iface fec0

Routing on Box2(freebsd5.3):
~~~~~~~~~~~
route add $default $some_gate 

Interfaces:
~~~~~~~
openvpn --local $public1  --remote $isp-nat-1 --dev tap0 --ifconfig 10.0.3.2 0xffffff00
openvpn --local $public2  --remote $isp-nat-2 --dev tap1 --ifconfig 10.0.4.2 0xffffff00

tap0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
         inet 10.0.3.2 netmask 0xffffff00 broadcast 10.0.3.255
        ether 00:bd:18:6d:42:00
tap1: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.4.2 netmask 0xffffff00 broadcast 10.0.4.255
        ether 00:bd:be:3b:14:01

ng_fec(same as box1):
~~~~~
#ngctl mkpeer fec dummy fec
#ngctl msg fec0: add_iface "tap0"
#ngctl msg fec0: add_iface "tap1"
#ngctl msg fec0: set_mode_inet
#ifoconfig fec0 up
# route add $clients_net/$clients_mask -iface fec0


Everything works great. Traffic flows both links (for incoming and outgoing),  but
I get "fec0: failed to check status of link tap0" and  "fec0: failed to check status of link tap1"
messages on console all the time. Also, when one link goes down I start to loose half of 
of my traffic (both sides). Searching carefully ng_fec and if_tap source code I found :

------ng_fec.c, line 612-------------------
                ifp = p->fec_if;
                error = (*ifp->if_ioctl)(ifp, SIOCGIFMEDIA, (caddr_t)&ifmr);
                if (error) {
                        printf("fec%d: failed to check status "
                            "of link %s\n", priv->unit, ifp->if_xname);
                        continue;
                }
--------------------------------------------


------------if_tap.c, line 484---------------
static int
tapifioctl(ifp, cmd, data)
        struct ifnet    *ifp;
        u_long           cmd;
        caddr_t          data;
{
        struct tap_softc        *tp = (struct tap_softc *)(ifp->if_softc);
        struct ifstat           *ifs = NULL;
        int                      s, dummy;

        switch (cmd) {
                case SIOCSIFFLAGS: /* XXX -- just like vmnet does */
                case SIOCADDMULTI:
                case SIOCDELMULTI:
                        break;

                case SIOCGIFSTATUS:
                        s = splimp();
                        ifs = (struct ifstat *)data;
                        dummy = strlen(ifs->ascii);
                        mtx_lock(&tp->tap_mtx);
                        if (tp->tap_pid != 0 && dummy < sizeof(ifs->ascii))
                                snprintf(ifs->ascii + dummy,
                                        sizeof(ifs->ascii) - dummy,
                                        "\tOpened by PID %d\n", tp->tap_pid);
                        mtx_unlock(&tp->tap_mtx);
                        splx(s);
                        break;

                default:
                        s = splimp();
                        dummy = ether_ioctl(ifp, cmd, data);
                        splx(s);
                        return (dummy);
        }

        return (0);
} /* tapifioctl */

-----------------------------------------

It seems that ng_fec doesn't queries correctly if_tap for link state (default:-> dummy return).

Does anyone has a workaround for this issue or any idea how to implement link-state 
mechanism in if_tap device?

If this is imposimple (due to tap device nature) , is possible to add functions in ng_fec for an alternative
link-state mechanism ? (arpings maybe, like linux channel bonding)

thanks for your time,
Chris Dionissopoulos.
 

____________________________________________________________________
http://www.freemail.gr - äùñåÜí õðçñåóßá çëåêôñïíéêïý ôá÷õäñïìåßïõ.
http://www.freemail.gr - free email service for the Greek-speaking.

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?002f01c4cd12$427b78b0$0100000a>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact