Re: bonding tap devices

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,

Why don't you just use bridging with spanning tree?
Will achieve exactly the thing you need.

1. Create br0 on both machines
2. Turn on spanning tree on br0
3. Choose one of them to be root
4. Assign tap0 and tap1 to br0 (tap0 having lower path cost)
that's it.
Or just check if there is some kind of backup option in openvpn - to start a tunnel to another host if the primary one fails... 
Can't help you here - I've never used openvpn.
Bonding is used for combining interfaces with equal bandwidth and IMO will have unpredicted consequences in your scenario :-) 

Regards

richard lucassen wrote:

Hello list,

Please don't shoot me. I know I'm doing something with bonding that
bonding wasn't made for. I just want to give it a try. I want a simple
mechanism to have a failover on a 24Mbit line to a 2Mbit line in case
the 24Mbit line goes down.

Between A and B there are two lines: a 24Mbit and a 2Mbit. I use two
OpenVPN tunnels with tap devices:

  +-- tap0 (A)--- OpenVPN tunnel over 24Mbit --- tap0 (B) ---+
  |                                                          |
A-+                                                          +-B
  |                                                          |
  +-- tap1 (A)--- OpenVPN tunnel over 2Mbit ---- tap1 (B) ---+

I set up bond0 on both sides with tap0 as primary device using arpings:

  /sbin/modprobe -v bonding \
    mode=1 \
    primary=tap0 \
    arp_interval=2000 \
    arp_ip_target=10.1.0.1 (2 on the other end)

bond0 (A) 10.1.0.1
bond0 (B) 10.2.0.1

When starting bond0 on both sides, everything is ok. When the 24Mbit
line goes down, the 2Mbit line takes over within a few seconds as
configured.

But the line is not coming back to the primary 24Mbit line as I
expected. There are no arpings sent into the 24Mbit tunnel.

OTOH, the normal situation is immediately restored when I assign an ip
address to the tap-devices and ping them directly (from 10.4.4.4 to
10.5.5.5, I get no reply, but that doesn't matter)


      +-- tap0 10.4.4.4 --- 24Mbit --- tap0 10.5.5.5 ---+
      |                                                 |
bond0-+ (10.1.0.1)                           (10.2.0.1) +-bond0
      |                                                 |
      +-- tap1 10.6.6.6 --- 2Mbit ---- tap1 10.7.7.7 ---+

Anyone a hint (or a better idea)?

R.



--
Anton Glinkov
network administrator
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux