Solution for Resilient VLAN Trunk Bonding

Jacob S. Barrett jbarrett at amduat.net
Sun Mar 7 20:22:53 PST 2004 

Now that ng_vlan has been committed to FreeBSD-5 I have come up with a 
solution for building a resilient VLAN interfaces over a VLAN trunk.  I have 
a machine that exists on multiple VLANs.  It has two interfaces that are 
connected to two different switches.  The switches are trunked together as 
well.  Both switches are running Spanning Tree.  With this solution if one 
switch is taken out of commission, either for scheduled maintenance or 
failure, the other switch and link to the server should failover.  I have 
tested this solution below thourally, but I wanted to get other opinions and 
comments on it before I put it in production.

I would have liked to have used either ng_fec or ng_one2many, but neither of 
them detects link failures.  Using ng_bridge and spanning trees solves that 
problem.  When spanning tree detects a topology change due to link failure 
the other link tacks over.  Unfortunately with this solution it does take 
quite a while, up to 60 seconds, for the link to failover, but is better than 
having to drive into the datacenter and manually making adjustments.  Is 
someone working on a solution for either ng_fec or ng_one2many to detect link 
failures?

Here is what I have done in good only ASCII art:

sw1--fxp0--\                              /--default(ng_eiface)--ngeth0
 |          bond0(ng_bidge)--vlt0(ng_vlan)--vlan2(ng_eiface)--ngeth1
sw2--xl0---/                              \--vlan3(ng_eiface)--ngeth2

BEGIN vlan-bonding.sh:
#/bin/sh

# Trunk interfaces must be up or setpromisc fails.
ifconfig fxp0 up
ifconfig xl0 up

ngctl -f- <<EOF
# Bonding (bond0)
# link0 => vlt0, link1 => fxp0, link2 => xl0
# fxp0
mkpeer fxp0: bridge lower link1
name fxp0:lower bond0
msg fxp0: setpromisc 1
msg fxp0: setautosrc 0
# xl0
connect xl0: bond0: lower link2
msg xl0: setpromisc 1
msg xl0: setautosrc 0

# VLAN trunk (vlt0)
mkpeer bond0: vlan link0 downstream
name bond0:link0 vlt0

# VLAN Default (ngeth0)
mkpeer vlt0: eiface nomatch ether
name vlt0:nomatch default

# VLAN 2 (ngeth1)
mkpeer vlt0: eiface vlan2 ether
msg vlt0: addfilter { vlan=2 hook="vlan2" }
name vlt0:vlan2 vlan2

# VLAN 3 (ngeth2)
mkpeer vlt0: eiface vlan3 ether
msg vlt0: addfilter { vlan=3 hook="vlan3" }
name vlt0:vlan3 vlan3
EOF

ifconfig ngeth0 link 70:6F:67:6F:00:00
ifconfig ngeth0 link 70:6F:67:6F:00:01
ifconfig ngeth0 link 70:6F:67:6F:00:02

END

-- 
Jacob S. Barrett
jbarrett at amduat.net
www.amduat.net

"I don't suffer from insanity, I enjoy every minute of it."

More information about the freebsd-net mailing list