[aklug] Re: Bonding multiple network connections

Arthur and Shane - My current setup is two connections over GCI. Not for
redundancy but load balancing; the ability to open multiple TCP sessions and
max out each connection. I want to have one TCP session over multiple
connections. There's one NIC on my LAN pushing all the traffic, then the
router just round-robin splits every other request over the two connections.
 So it's a single L2 connection to my switch, with the software conducting
the load balancing. So far, so good (I think). To the best of my
knowledge, GCI doesn't support bonding the two connections on their end into
one bigger pipe, so I'm thinking I could create a VPN session over each
connection to a host in a datacenter that I control, having that host then
be my router and re-assemble the two TCP streams into a single TCP session,
and route it back out to it's ultimate destination. Kind of like so:
               ___________ ____________

              |LAN Gateway|ETH0----VPN----ETH0|Data Center |

My LAN----ETH2| Router | |Hosted Box |ETH1------Internet

              |___________|ETH1----VPN----ETH0|____________|

Per Shane's recommendation, reading through bonding.txt, it appears the
"balance-rr" mode may be what I'm after, if I can get the kernel to conduct
this balancing over the VPN connection. I'll probably have to deal with
some packets getting out of order so it won't scale 100% linear, but
hopefully it would be better than nothing. So, yes, looking to aggregate at
the L3 (well, more like L5 if you want to get technical with the VPN), but
essentially L3 as it's the TCP session in the end that needs split over two
links, then reassembled on the other end.

I'll need to have the box on the other end have a total connection
essentially 2x what I'll be sending to it, so it can route the traffic out.
 So if both my links are 1.0Mbps each, bonded to 2Mbps, I'll need to make
sure the box has 4Mbps in available bandwidth.

Shane - Is this what you're saying you tested successfully with
multilink-ppp (via pptp) and vtun? And I'm definitely interested in your
ipovpn project if you're offering.... ;)

As I said previously, comments are welcome.

Scott

On Wed, Jan 20, 2010 at 22:20, Arthur Corliss <acorliss@nevaeh-linux.org>
wrote:
> On Wed, 20 Jan 2010, Shane R. Spencer wrote:
>
>> Scott and All,
>>
>> In the kernel documentation there is a file called bonding.txt which is
>> a great resource for this. There are several modes that will do exactly
>> what you want including balance-rr, balance-tlb, balance-alb. I haven't
>> tested the latter two in a while but I did an exhaustive analysis on the
>> other modes for a bonding project I was working on and balance-rr will
>> do what you want, however bonding on top of tap devices can be tricky
>> due to the lack of ethernet status/speed support. If you control both
>> sides of each connection then you can use this module to do pretty much
>> anything. If you're ISP supports XOR or LACP then you can at least
>> split the load of several clients to multiple destinations and have a
>> wide connection with several channels set to a specific speed. This can
>> be achieved without bonding by using multi-hop routes:
>> http://lartc.org/howto/lartc.rpdb.multiple-links.html
>
> I think Scott needs to provide more information on his setup, but I don't
> think bonding is going to help him at all. If he's using two different
ISPs
> to provide redundancy then he won't have the option of assigning a single
IP
> address to a bonded interface. If he has two connections to the same ISP,
> perhaps, but not otherwise. L3 doesn't work that way.
>
> Based on his description of his setup I'd bet he's using a iproute2-styled
> multihomed setup which, again, will not aggregate bandwidth for a single
TCP
> session.
>
> Now, what you're describing with multilink ppp sounds like it would work.
> As I said, I've never bothered to play with that.
>
> --Arthur Corliss
> Live Free or Die
>

-- 
Scott A. Johnson
scott.a.johnson@gmail.com
http://scojo.us
mobile: +1.907.240.2483
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.