From owner-freebsd-net@FreeBSD.ORG Sun Mar 7 22:10:33 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0177B16A4CE for ; Sun, 7 Mar 2004 22:10:33 -0800 (PST) Received: from sccrmhc11.comcast.net (sccrmhc11.comcast.net [204.127.202.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id ADB6D43D1F for ; Sun, 7 Mar 2004 22:10:32 -0800 (PST) (envelope-from julian@elischer.org) Received: from interjet.elischer.org ([24.7.73.28]) by comcast.net (sccrmhc11) with ESMTP id <2004030806103101100hllp6e>; Mon, 8 Mar 2004 06:10:31 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id WAA43135; Sun, 7 Mar 2004 22:10:30 -0800 (PST) Date: Sun, 7 Mar 2004 22:10:29 -0800 (PST) From: Julian Elischer To: "Jacob S. Barrett" In-Reply-To: <200403072022.51630.jbarrett@amduat.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-net@freebsd.org Subject: Re: Solution for Resilient VLAN Trunk Bonding X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Mar 2004 06:10:33 -0000 On Sun, 7 Mar 2004, Jacob S. Barrett wrote: > Now that ng_vlan has been committed to FreeBSD-5 I have come up with a > solution for building a resilient VLAN interfaces over a VLAN trunk. I have > a machine that exists on multiple VLANs. It has two interfaces that are > connected to two different switches. The switches are trunked together as > well. Both switches are running Spanning Tree. With this solution if one > switch is taken out of commission, either for scheduled maintenance or > failure, the other switch and link to the server should failover. I have > tested this solution below thourally, but I wanted to get other opinions and > comments on it before I put it in production. > > I would have liked to have used either ng_fec or ng_one2many, but neither of > them detects link failures. Using ng_bridge and spanning trees solves that > problem. When spanning tree detects a topology change due to link failure > the other link tacks over. Unfortunately with this solution it does take > quite a while, up to 60 seconds, for the link to failover, but is better than > having to drive into the datacenter and manually making adjustments. Is > someone working on a solution for either ng_fec or ng_one2many to detect link > failures? I have a variant of ng_one2many that does link testing with it's own pings.. unfortunatly it needs to prepend a small header on data so it can separate out its pings from the data.. I'll try find it. Also, mpd does multilink pppp in netgraph nnodes and the multilink can be programmed as to how fast it detects failures. The tradeoff is being too sensitive and cutting off good links too quickly. > > Here is what I have done in good only ASCII art: > > sw1--fxp0--\ /--default(ng_eiface)--ngeth0 > | bond0(ng_bidge)--vlt0(ng_vlan)--vlan2(ng_eiface)--ngeth1 > sw2--xl0---/ \--vlan3(ng_eiface)--ngeth2 > > BEGIN vlan-bonding.sh: > #/bin/sh > > # Trunk interfaces must be up or setpromisc fails. > ifconfig fxp0 up > ifconfig xl0 up > > ngctl -f- < # Bonding (bond0) > # link0 => vlt0, link1 => fxp0, link2 => xl0 > # fxp0 > mkpeer fxp0: bridge lower link1 > name fxp0:lower bond0 > msg fxp0: setpromisc 1 > msg fxp0: setautosrc 0 > # xl0 > connect xl0: bond0: lower link2 > msg xl0: setpromisc 1 > msg xl0: setautosrc 0 > > # VLAN trunk (vlt0) > mkpeer bond0: vlan link0 downstream > name bond0:link0 vlt0 > > # VLAN Default (ngeth0) > mkpeer vlt0: eiface nomatch ether > name vlt0:nomatch default > > # VLAN 2 (ngeth1) > mkpeer vlt0: eiface vlan2 ether > msg vlt0: addfilter { vlan=2 hook="vlan2" } > name vlt0:vlan2 vlan2 > > # VLAN 3 (ngeth2) > mkpeer vlt0: eiface vlan3 ether > msg vlt0: addfilter { vlan=3 hook="vlan3" } > name vlt0:vlan3 vlan3 > EOF > > ifconfig ngeth0 link 70:6F:67:6F:00:00 > ifconfig ngeth0 link 70:6F:67:6F:00:01 > ifconfig ngeth0 link 70:6F:67:6F:00:02 > > END > > -- > Jacob S. Barrett > jbarrett@amduat.net > www.amduat.net > > "I don't suffer from insanity, I enjoy every minute of it." > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >