Date: Mon, 8 Jul 2002 07:18:02 -0700 (PDT) From: Julian Elischer <julian@elischer.org> To: John Kozubik <john@kozubik.com> Cc: "M. Warner Losh" <imp@village.org>, freebsd-hackers@FreeBSD.ORG, net@freebsd.org Subject: Re: multi-link 802.11b through netgraph yields poor performance. Message-ID: <Pine.BSF.4.21.0207080700230.28668-100000@InterJet.elischer.org> In-Reply-To: <Pine.BSF.4.21.0207071629240.40375-100000@www>
next in thread | previous in thread | raw e-mail | index | archive | help
Sorry to cross post this, I want it in the archives.
[discussion on using mulitilink acrsss wireless cards deleted]
I have done similar, using two IP channels and with mpd as the
"one2many"
basically, assign real IP addresses to the 4 cards, on 2 separate
10.x.x.x/30 networks then open ksocket mpd nodes for each network, making
2 parallel 'pipes'.
then run mpd using the "netgraph" link type, and set up Multilink.
Multilink will round-robin forthe links, but it will also stop using a
link htat appears to have failed so you have some
redundancey:
here are my configs for this:
firstly the script that sets up the ksockets.
(Assumes all modules needed are loaded)
#!/bin/sh
# $FreeBSD: src/share/examples/netgraph/udp.tunnel,v 1.1 2000/01/28
00:44:30 archie Exp $
# This script sets up a virtual point-to-point WAN link between
# two subnets, using UDP packets as the ``WAN connection.''
# The two subnets might be non-routable addresses behind a
# firewall.
#
# Here define the local and remote inside networks as well
# as the local and remote outside IP addresses and UDP port
# number that will be used for the tunnel.
#
LOC_EXTERIOR_IP1=10.42.3.3
REM_EXTERIOR_IP1=10.42.5.1
UDP_TUNNEL_PORT1=4028
LOC_EXTERIOR_IP2=10.42.1.3
REM_EXTERIOR_IP2=10.42.4.1
UDP_TUNNEL_PORT2=4029
ngctl shutdown tee1:
ngctl shutdown tee2:
sleep 1
ngctl -f - <<DONE
mkpeer tee dummy left2right
name dummy tee1
mkpeer tee1: ksocket left inet/dgram/udp
name tee1:left ksock1
#
mkpeer tee dummy2 left2right
name dummy2 tee2
mkpeer tee2: ksocket left inet/dgram/udp
name tee2:left ksock2
DONE
#
# Bind the UDP socket to the local external IP address and port
# Connect the UDP socket to the peer's external IP address and port
#
cat <<DONE
msg ksock1: bind inet/${LOC_EXTERIOR_IP1}:${UDP_TUNNEL_PORT1}
msg ksock1: connect inet/${REM_EXTERIOR_IP1}:${UDP_TUNNEL_PORT1}
msg ksock2: bind inet/${LOC_EXTERIOR_IP2}:${UDP_TUNNEL_PORT2}
msg ksock2: connect inet/${REM_EXTERIOR_IP2}:${UDP_TUNNEL_PORT2}
DONE
ngctl -f - <<DONE
msg ksock1: bind inet/${LOC_EXTERIOR_IP1}:${UDP_TUNNEL_PORT1}
msg ksock1: connect inet/${REM_EXTERIOR_IP1}:${UDP_TUNNEL_PORT1}
DONE
sleep 2
ngctl -f - <<DONE
msg ksock2: bind inet/${LOC_EXTERIOR_IP2}:${UDP_TUNNEL_PORT2}
msg ksock2: connect inet/${REM_EXTERIOR_IP2}:${UDP_TUNNEL_PORT2}
DONE
netstat -finet -n
##end of script
And next the mpd.conf file:
default:
load vpn
vpn:
new -i ng1 vpn tunnel1 tunnel2
set iface disable on-demand
set iface addrs 108.106.78.53 192.168.150.85
set iface idle 0
set iface route 192.168.150.0/24
set ipcp yes vjcomp
set ipcp ranges 108.106.78.53/32 192.168.150.85/32
set bundle enable multilink
set bundle enable round-robin
set link tunnel1
set link yes acfcomp protocomp
set link no pap
set link no chap
set link keep-alive 2 15
set link tunnel2
set link yes acfcomp protocomp
set link no pap
set link no chap
set link keep-alive 2 15
open
and now the mpd.links file
tunnel1:
set link type ng
set ng node tee1:
set ng hook right
tunnel2:
set link type ng
set ng node tee2:
set ng hook right
##############
the result of this is two tunnels (which can actually be routed over the
internet and encryted with IPSEC if required) implemented completely
within the kernel, (mpd uses the netgraph ppp node)
that handles packet re-ordering and link failure.
I actually use this to connect 2 sites via different ISPs
so that if one link has a failure, my VPNs are still active.
It is extensible to as many ISPs as I need.. without requiring
any BGP mess. (my sites do not access the internet through these links
just use it as a transport for the VPNs.)
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0207080700230.28668-100000>