From owner-freebsd-hackers@FreeBSD.ORG Wed Jun 23 22:37:22 2004 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C9D9F16A4CE; Wed, 23 Jun 2004 22:37:22 +0000 (GMT) Received: from smtp-gw-cl-c.dmv.com (smtp-gw-cl-c.dmv.com [216.240.97.41]) by mx1.FreeBSD.org (Postfix) with ESMTP id 71A9143D45; Wed, 23 Jun 2004 22:37:22 +0000 (GMT) (envelope-from sven@dmv.com) Received: from lanshark.dmv.com (lanshark.dmv.com [216.240.97.46]) i5NMb99D006543; Wed, 23 Jun 2004 18:37:09 -0400 (EDT) (envelope-from sven@dmv.com) From: Sven Willenberger To: freebsd-net@freebsd.org Content-Type: text/plain Date: Wed, 23 Jun 2004 18:36:04 -0400 Message-Id: <1088030164.29367.57.camel@lanshark.dmv.com> Mime-Version: 1.0 X-Mailer: Evolution 1.5.9 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.39 X-Mailman-Approved-At: Thu, 24 Jun 2004 12:12:33 +0000 cc: freebsd-hackers@freebsd.org Subject: using netgraph to connect 2 physical interfaces into one virtual interface X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2004 22:37:22 -0000 I am having a lot of trouble trying to make the following work (after some exhaustive googling etc) Goal: 2 interfaces (em0 and em1) to be "combined" or bonded into one virtual interface so as to provide both increased throughput and failover. Both physical ports connected to either the same or different switches with a virtual gateway (the configuration for which is being haandled separately). What I have tried (using netgraph) and the results: 1) (from the ng_one2many manpage): ifconfig em0 up ifconfig em1 up ngctl mkpeer em0: one2many upper one ngctl connect em0: em0:upper lower many0 ngctl connect em1: em0:upper lower many1 ...etc setting promisc and autosrc per the manpage the em0 is then ifconfig'd with the ip address etc as long as em0 link is up all seems good. When the link goes down (i.e. disconnect the ethernet cable), then 50% packet loss occurs as it tries to roundrobin and fail on the down side. Not a workable solution. 2) adapted from freebsd-security (derkweiler) http://www.derkeiler.com/Mailing-Lists/FreeBSD-Security/2004-01/0084.html thread : ifconfig em0 promisc -arp up ifconfig em1 promisc -arp up ngctl mkpeer . eiface hook ether ngctl mkpeer ngeth0: one2many upper one ngctl connect em0: ngeth0:upper lower many0 ngctl connect em1: ngeth0:upper lower many1 ngctl msg em0: setautosrc 0 ngctl msg em1: setautosrc 0 ifconfig ngeth0 lladdr [mac addie other than 00:00:00:00:00:00] ifconfig ngeth0 up now if I ifconfig -arp the ngeth0 interface and add the default route, etc, I get nowhere ... no ping responses no traffic if I ifconfig the ngeth0 and enable arp then I can ping but get duplicates (actually for each reply I end up with 3 (DUP!) replies. also, the traffic throughput is miserable. Using scp from another machine on the LAN I muster around 300KB/s to this machine, 10MB/s to another on the same lan. So my question is, without trying to get into ng_fec (which I understand will also need hardware support on the other end -- blades, etc), how can I connect the 2 physical interfaces together into a virtual interface that proves a) respectable throughput b) "normal" traffic patterns via icmp, etc and c) failover in the event one or the other link goes down?