From owner-freebsd-stable@FreeBSD.ORG Fri Feb 4 12:35:33 2011 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E06E51065672 for ; Fri, 4 Feb 2011 12:35:33 +0000 (UTC) (envelope-from ml@my.gd) Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by mx1.freebsd.org (Postfix) with ESMTP id 7F8148FC14 for ; Fri, 4 Feb 2011 12:35:33 +0000 (UTC) Received: by wyf19 with SMTP id 19so2250587wyf.13 for ; Fri, 04 Feb 2011 04:35:32 -0800 (PST) Received: by 10.227.146.80 with SMTP id g16mr8270386wbv.77.1296822932363; Fri, 04 Feb 2011 04:35:32 -0800 (PST) Received: from dfleuriot.technique-admin.paris.hi-media-techno.com ([83.167.62.196]) by mx.google.com with ESMTPS id x1sm482823wbh.2.2011.02.04.04.35.31 (version=SSLv3 cipher=RC4-MD5); Fri, 04 Feb 2011 04:35:31 -0800 (PST) Message-ID: <4D4BF293.9010604@my.gd> Date: Fri, 04 Feb 2011 13:35:31 +0100 From: Damien Fleuriot User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 MIME-Version: 1.0 To: Pete French References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-stable@freebsd.org Subject: Re: link aggregation - bundling 2 lagg interfaces together X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Feb 2011 12:35:34 -0000 On 2/4/11 1:19 PM, Pete French wrote: > If you want failover using lagg then your best bet is to get lagg between > two ports on different switches. If you have a pair of switches which > will present as a single device then you can use LACP to do this, else > use simple failover. I do this for all our servers and it works very > nicely. > > In your setup I am not sure why you are originally lagging the pairs of > interfaces to the same switch. Is that to try and increase capacity ? > If so then I have never found it to work - all the traffic goes over > one interface for me. > > -pete. Indeed, I'm lagg'ing the 2 interfaces together to increase capacity, then I also wished to provide failover. Sadly our switches are not stacked and will not allow me to get a port-channel on 2 different switches. For servers we use simple aggregation with 2 interfaces using failover, on switches A and B. For this project's firewalls, historically, we've had no layer 2 redundancy at all, just physical interfaces being given IPs, and the firewalls sharing a CARP address. Even if I can't concatenate my 2 lagg interfaces into a failover one over the 2 switches, the new setup will still be an improvement. Regarding your problem of not getting LACP to work correctly for you, find below a snip from my firewall just now, with interface lagg0 as a LACP on switch1 # ./ifstat -i em1,em2,lagg0,vlan16 em1 em2 lagg0 vlan16 KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out 0.00 129.87 4366.33 0.76 4366.33 130.63 4366.33 130.63 0.00 323.96 11105.00 0.19 11105.00 324.15 11105.00 324.15 0.00 301.76 10225.03 0.19 10225.03 301.94 10224.97 301.94 0.00 202.13 6868.14 0.19 6868.14 202.32 6868.08 202.32 This is the traffic as I downloaded a MFS BSD iso from another server. You will notice that inbound traffic is not shared amongst em1 and em2. However, keep in mind that the LACP load balancing is done using a hash combination of source/dest MACs and IPs as well as the vlan tag if any. Perhaps you would get better results if you tried downloading a test file from 2 different sources. I'll have to try that.