Hello list,
Please don''t shoot me. I know I''m doing something with bonding
that
bonding wasn''t made for. I just want to give it a try. I want a simple
mechanism to have a failover on a 24Mbit line to a 2Mbit line in case
the 24Mbit line goes down.
Between A and B there are two lines: a 24Mbit and a 2Mbit. I use two
OpenVPN tunnels with tap devices:
+-- tap0 (A)--- OpenVPN tunnel over 24Mbit --- tap0 (B) ---+
| |
A-+ +-B
| |
+-- tap1 (A)--- OpenVPN tunnel over 2Mbit ---- tap1 (B) ---+
I set up bond0 on both sides with tap0 as primary device using arpings:
/sbin/modprobe -v bonding \
mode=1 \
primary=tap0 \
arp_interval=2000 \
arp_ip_target=10.1.0.1 (2 on the other end)
bond0 (A) 10.1.0.1
bond0 (B) 10.2.0.1
When starting bond0 on both sides, everything is ok. When the 24Mbit
line goes down, the 2Mbit line takes over within a few seconds as
configured.
But the line is not coming back to the primary 24Mbit line as I
expected. There are no arpings sent into the 24Mbit tunnel.
OTOH, the normal situation is immediately restored when I assign an ip
address to the tap-devices and ping them directly (from 10.4.4.4 to
10.5.5.5, I get no reply, but that doesn''t matter)
+-- tap0 10.4.4.4 --- 24Mbit --- tap0 10.5.5.5 ---+
| |
bond0-+ (10.1.0.1) (10.2.0.1) +-bond0
| |
+-- tap1 10.6.6.6 --- 2Mbit ---- tap1 10.7.7.7 ---+
Anyone a hint (or a better idea)?
R.
--
___________________________________________________________________
It is better to remain silent and be thought a fool, than to speak
aloud and remove all doubt.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht |
| Public key and email address: |
| http://www.lucassen.org/mail-pubkey.html |
+------------------------------------------------------------------+
Hello, Why don''t you just use bridging with spanning tree? Will achieve exactly the thing you need. 1. Create br0 on both machines 2. Turn on spanning tree on br0 3. Choose one of them to be root 4. Assign tap0 and tap1 to br0 (tap0 having lower path cost) that''s it. Or just check if there is some kind of backup option in openvpn - to start a tunnel to another host if the primary one fails... Can''t help you here - I''ve never used openvpn. Bonding is used for combining interfaces with equal bandwidth and IMO will have unpredicted consequences in your scenario :-) Regards richard lucassen wrote:> Hello list, > > Please don''t shoot me. I know I''m doing something with bonding that > bonding wasn''t made for. I just want to give it a try. I want a simple > mechanism to have a failover on a 24Mbit line to a 2Mbit line in case > the 24Mbit line goes down. > > Between A and B there are two lines: a 24Mbit and a 2Mbit. I use two > OpenVPN tunnels with tap devices: > > +-- tap0 (A)--- OpenVPN tunnel over 24Mbit --- tap0 (B) ---+ > | | > A-+ +-B > | | > +-- tap1 (A)--- OpenVPN tunnel over 2Mbit ---- tap1 (B) ---+ > > I set up bond0 on both sides with tap0 as primary device using arpings: > > /sbin/modprobe -v bonding \ > mode=1 \ > primary=tap0 \ > arp_interval=2000 \ > arp_ip_target=10.1.0.1 (2 on the other end) > > bond0 (A) 10.1.0.1 > bond0 (B) 10.2.0.1 > > When starting bond0 on both sides, everything is ok. When the 24Mbit > line goes down, the 2Mbit line takes over within a few seconds as > configured. > > But the line is not coming back to the primary 24Mbit line as I > expected. There are no arpings sent into the 24Mbit tunnel. > > OTOH, the normal situation is immediately restored when I assign an ip > address to the tap-devices and ping them directly (from 10.4.4.4 to > 10.5.5.5, I get no reply, but that doesn''t matter) > > > +-- tap0 10.4.4.4 --- 24Mbit --- tap0 10.5.5.5 ---+ > | | > bond0-+ (10.1.0.1) (10.2.0.1) +-bond0 > | | > +-- tap1 10.6.6.6 --- 2Mbit ---- tap1 10.7.7.7 ---+ > > Anyone a hint (or a better idea)? > > R. >-- Anton Glinkov network administrator
On Tue, 14 Aug 2007 00:38:04 +0300 Anton Glinkov <lartc@ssi.bg> wrote:> Why don''t you just use bridging with spanning tree? > Will achieve exactly the thing you need. > > 1. Create br0 on both machines > 2. Turn on spanning tree on br0 > 3. Choose one of them to be root > 4. Assign tap0 and tap1 to br0 (tap0 having lower path cost) > that''s it.Hmm, "keep things as simple as possible, but not any simpler", Einstein once said :-)> Or just check if there is some kind of backup option in openvpn - to > start a tunnel to another host if the primary one fails... > Can''t help you here - I''ve never used openvpn.There is an option in the 2.1 version which is called "multihome" and "float" (IIRC), but switching (almost) instantly from one server address to another is not workable as there is a hardcoded timeout (AFAIK).> Bonding is used for combining interfaces with equal bandwidth and IMO > will have unpredicted consequences in your scenario :-)Not as long as I use failover only ;-) But I''ll try the stp option tomorrow. It''s beer time here :-) -- ___________________________________________________________________ It is better to remain silent and be thought a fool, than to speak aloud and remove all doubt. +------------------------------------------------------------------+ | Richard Lucassen, Utrecht | | Public key and email address: | | http://www.lucassen.org/mail-pubkey.html | +------------------------------------------------------------------+
On Tue, 14 Aug 2007 00:38:04 +0300 Anton Glinkov <lartc@ssi.bg> wrote:> Why don''t you just use bridging with spanning tree? > Will achieve exactly the thing you need. > > 1. Create br0 on both machines > 2. Turn on spanning tree on br0 > 3. Choose one of them to be root > 4. Assign tap0 and tap1 to br0 (tap0 having lower path cost) > that''s it.Works like a charm :) -- ___________________________________________________________________ It is better to remain silent and be thought a fool, than to speak aloud and remove all doubt. +------------------------------------------------------------------+ | Richard Lucassen, Utrecht | | Public key and email address: | | http://www.lucassen.org/mail-pubkey.html | +------------------------------------------------------------------+