1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827 |
- Linux Ethernet Bonding Driver HOWTO
- Latest update: 27 April 2011
- Initial release : Thomas Davis <tadavis at lbl.gov>
- Corrections, HA extensions : 2000/10/03-15 :
- - Willy Tarreau <willy at meta-x.org>
- - Constantine Gavrilov <const-g at xpert.com>
- - Chad N. Tindel <ctindel at ieee dot org>
- - Janice Girouard <girouard at us dot ibm dot com>
- - Jay Vosburgh <fubar at us dot ibm dot com>
- Reorganized and updated Feb 2005 by Jay Vosburgh
- Added Sysfs information: 2006/04/24
- - Mitch Williams <mitch.a.williams at intel.com>
- Introduction
- ============
- The Linux bonding driver provides a method for aggregating
- multiple network interfaces into a single logical "bonded" interface.
- The behavior of the bonded interfaces depends upon the mode; generally
- speaking, modes provide either hot standby or load balancing services.
- Additionally, link integrity monitoring may be performed.
-
- The bonding driver originally came from Donald Becker's
- beowulf patches for kernel 2.0. It has changed quite a bit since, and
- the original tools from extreme-linux and beowulf sites will not work
- with this version of the driver.
- For new versions of the driver, updated userspace tools, and
- who to ask for help, please follow the links at the end of this file.
- Table of Contents
- =================
- 1. Bonding Driver Installation
- 2. Bonding Driver Options
- 3. Configuring Bonding Devices
- 3.1 Configuration with Sysconfig Support
- 3.1.1 Using DHCP with Sysconfig
- 3.1.2 Configuring Multiple Bonds with Sysconfig
- 3.2 Configuration with Initscripts Support
- 3.2.1 Using DHCP with Initscripts
- 3.2.2 Configuring Multiple Bonds with Initscripts
- 3.3 Configuring Bonding Manually with Ifenslave
- 3.3.1 Configuring Multiple Bonds Manually
- 3.4 Configuring Bonding Manually via Sysfs
- 3.5 Configuration with Interfaces Support
- 3.6 Overriding Configuration for Special Cases
- 3.7 Configuring LACP for 802.3ad mode in a more secure way
- 4. Querying Bonding Configuration
- 4.1 Bonding Configuration
- 4.2 Network Configuration
- 5. Switch Configuration
- 6. 802.1q VLAN Support
- 7. Link Monitoring
- 7.1 ARP Monitor Operation
- 7.2 Configuring Multiple ARP Targets
- 7.3 MII Monitor Operation
- 8. Potential Trouble Sources
- 8.1 Adventures in Routing
- 8.2 Ethernet Device Renaming
- 8.3 Painfully Slow Or No Failed Link Detection By Miimon
- 9. SNMP agents
- 10. Promiscuous mode
- 11. Configuring Bonding for High Availability
- 11.1 High Availability in a Single Switch Topology
- 11.2 High Availability in a Multiple Switch Topology
- 11.2.1 HA Bonding Mode Selection for Multiple Switch Topology
- 11.2.2 HA Link Monitoring for Multiple Switch Topology
- 12. Configuring Bonding for Maximum Throughput
- 12.1 Maximum Throughput in a Single Switch Topology
- 12.1.1 MT Bonding Mode Selection for Single Switch Topology
- 12.1.2 MT Link Monitoring for Single Switch Topology
- 12.2 Maximum Throughput in a Multiple Switch Topology
- 12.2.1 MT Bonding Mode Selection for Multiple Switch Topology
- 12.2.2 MT Link Monitoring for Multiple Switch Topology
- 13. Switch Behavior Issues
- 13.1 Link Establishment and Failover Delays
- 13.2 Duplicated Incoming Packets
- 14. Hardware Specific Considerations
- 14.1 IBM BladeCenter
- 15. Frequently Asked Questions
- 16. Resources and Links
- 1. Bonding Driver Installation
- ==============================
- Most popular distro kernels ship with the bonding driver
- already available as a module. If your distro does not, or you
- have need to compile bonding from source (e.g., configuring and
- installing a mainline kernel from kernel.org), you'll need to perform
- the following steps:
- 1.1 Configure and build the kernel with bonding
- -----------------------------------------------
- The current version of the bonding driver is available in the
- drivers/net/bonding subdirectory of the most recent kernel source
- (which is available on http://kernel.org). Most users "rolling their
- own" will want to use the most recent kernel from kernel.org.
- Configure kernel with "make menuconfig" (or "make xconfig" or
- "make config"), then select "Bonding driver support" in the "Network
- device support" section. It is recommended that you configure the
- driver as module since it is currently the only way to pass parameters
- to the driver or configure more than one bonding device.
- Build and install the new kernel and modules.
- 1.2 Bonding Control Utility
- -------------------------------------
- It is recommended to configure bonding via iproute2 (netlink)
- or sysfs, the old ifenslave control utility is obsolete.
- 2. Bonding Driver Options
- =========================
- Options for the bonding driver are supplied as parameters to the
- bonding module at load time, or are specified via sysfs.
- Module options may be given as command line arguments to the
- insmod or modprobe command, but are usually specified in either the
- /etc/modrobe.d/*.conf configuration files, or in a distro-specific
- configuration file (some of which are detailed in the next section).
- Details on bonding support for sysfs is provided in the
- "Configuring Bonding Manually via Sysfs" section, below.
- The available bonding driver parameters are listed below. If a
- parameter is not specified the default value is used. When initially
- configuring a bond, it is recommended "tail -f /var/log/messages" be
- run in a separate window to watch for bonding driver error messages.
- It is critical that either the miimon or arp_interval and
- arp_ip_target parameters be specified, otherwise serious network
- degradation will occur during link failures. Very few devices do not
- support at least miimon, so there is really no reason not to use it.
- Options with textual values will accept either the text name
- or, for backwards compatibility, the option value. E.g.,
- "mode=802.3ad" and "mode=4" set the same mode.
- The parameters are as follows:
- active_slave
- Specifies the new active slave for modes that support it
- (active-backup, balance-alb and balance-tlb). Possible values
- are the name of any currently enslaved interface, or an empty
- string. If a name is given, the slave and its link must be up in order
- to be selected as the new active slave. If an empty string is
- specified, the current active slave is cleared, and a new active
- slave is selected automatically.
- Note that this is only available through the sysfs interface. No module
- parameter by this name exists.
- The normal value of this option is the name of the currently
- active slave, or the empty string if there is no active slave or
- the current mode does not use an active slave.
- ad_actor_sys_prio
- In an AD system, this specifies the system priority. The allowed range
- is 1 - 65535. If the value is not specified, it takes 65535 as the
- default value.
- This parameter has effect only in 802.3ad mode and is available through
- SysFs interface.
- ad_actor_system
- In an AD system, this specifies the mac-address for the actor in
- protocol packet exchanges (LACPDUs). The value cannot be NULL or
- multicast. It is preferred to have the local-admin bit set for this
- mac but driver does not enforce it. If the value is not given then
- system defaults to using the masters' mac address as actors' system
- address.
- This parameter has effect only in 802.3ad mode and is available through
- SysFs interface.
- ad_select
- Specifies the 802.3ad aggregation selection logic to use. The
- possible values and their effects are:
- stable or 0
- The active aggregator is chosen by largest aggregate
- bandwidth.
- Reselection of the active aggregator occurs only when all
- slaves of the active aggregator are down or the active
- aggregator has no slaves.
- This is the default value.
- bandwidth or 1
- The active aggregator is chosen by largest aggregate
- bandwidth. Reselection occurs if:
- - A slave is added to or removed from the bond
- - Any slave's link state changes
- - Any slave's 802.3ad association state changes
- - The bond's administrative state changes to up
- count or 2
- The active aggregator is chosen by the largest number of
- ports (slaves). Reselection occurs as described under the
- "bandwidth" setting, above.
- The bandwidth and count selection policies permit failover of
- 802.3ad aggregations when partial failure of the active aggregator
- occurs. This keeps the aggregator with the highest availability
- (either in bandwidth or in number of ports) active at all times.
- This option was added in bonding version 3.4.0.
- ad_user_port_key
- In an AD system, the port-key has three parts as shown below -
- Bits Use
- 00 Duplex
- 01-05 Speed
- 06-15 User-defined
- This defines the upper 10 bits of the port key. The values can be
- from 0 - 1023. If not given, the system defaults to 0.
- This parameter has effect only in 802.3ad mode and is available through
- SysFs interface.
- all_slaves_active
- Specifies that duplicate frames (received on inactive ports) should be
- dropped (0) or delivered (1).
- Normally, bonding will drop duplicate frames (received on inactive
- ports), which is desirable for most users. But there are some times
- it is nice to allow duplicate frames to be delivered.
- The default value is 0 (drop duplicate frames received on inactive
- ports).
- arp_interval
- Specifies the ARP link monitoring frequency in milliseconds.
- The ARP monitor works by periodically checking the slave
- devices to determine whether they have sent or received
- traffic recently (the precise criteria depends upon the
- bonding mode, and the state of the slave). Regular traffic is
- generated via ARP probes issued for the addresses specified by
- the arp_ip_target option.
- This behavior can be modified by the arp_validate option,
- below.
- If ARP monitoring is used in an etherchannel compatible mode
- (modes 0 and 2), the switch should be configured in a mode
- that evenly distributes packets across all links. If the
- switch is configured to distribute the packets in an XOR
- fashion, all replies from the ARP targets will be received on
- the same link which could cause the other team members to
- fail. ARP monitoring should not be used in conjunction with
- miimon. A value of 0 disables ARP monitoring. The default
- value is 0.
- arp_ip_target
- Specifies the IP addresses to use as ARP monitoring peers when
- arp_interval is > 0. These are the targets of the ARP request
- sent to determine the health of the link to the targets.
- Specify these values in ddd.ddd.ddd.ddd format. Multiple IP
- addresses must be separated by a comma. At least one IP
- address must be given for ARP monitoring to function. The
- maximum number of targets that can be specified is 16. The
- default value is no IP addresses.
- arp_validate
- Specifies whether or not ARP probes and replies should be
- validated in any mode that supports arp monitoring, or whether
- non-ARP traffic should be filtered (disregarded) for link
- monitoring purposes.
- Possible values are:
- none or 0
- No validation or filtering is performed.
- active or 1
- Validation is performed only for the active slave.
- backup or 2
- Validation is performed only for backup slaves.
- all or 3
- Validation is performed for all slaves.
- filter or 4
- Filtering is applied to all slaves. No validation is
- performed.
- filter_active or 5
- Filtering is applied to all slaves, validation is performed
- only for the active slave.
- filter_backup or 6
- Filtering is applied to all slaves, validation is performed
- only for backup slaves.
- Validation:
- Enabling validation causes the ARP monitor to examine the incoming
- ARP requests and replies, and only consider a slave to be up if it
- is receiving the appropriate ARP traffic.
- For an active slave, the validation checks ARP replies to confirm
- that they were generated by an arp_ip_target. Since backup slaves
- do not typically receive these replies, the validation performed
- for backup slaves is on the broadcast ARP request sent out via the
- active slave. It is possible that some switch or network
- configurations may result in situations wherein the backup slaves
- do not receive the ARP requests; in such a situation, validation
- of backup slaves must be disabled.
- The validation of ARP requests on backup slaves is mainly helping
- bonding to decide which slaves are more likely to work in case of
- the active slave failure, it doesn't really guarantee that the
- backup slave will work if it's selected as the next active slave.
- Validation is useful in network configurations in which multiple
- bonding hosts are concurrently issuing ARPs to one or more targets
- beyond a common switch. Should the link between the switch and
- target fail (but not the switch itself), the probe traffic
- generated by the multiple bonding instances will fool the standard
- ARP monitor into considering the links as still up. Use of
- validation can resolve this, as the ARP monitor will only consider
- ARP requests and replies associated with its own instance of
- bonding.
- Filtering:
- Enabling filtering causes the ARP monitor to only use incoming ARP
- packets for link availability purposes. Arriving packets that are
- not ARPs are delivered normally, but do not count when determining
- if a slave is available.
- Filtering operates by only considering the reception of ARP
- packets (any ARP packet, regardless of source or destination) when
- determining if a slave has received traffic for link availability
- purposes.
- Filtering is useful in network configurations in which significant
- levels of third party broadcast traffic would fool the standard
- ARP monitor into considering the links as still up. Use of
- filtering can resolve this, as only ARP traffic is considered for
- link availability purposes.
- This option was added in bonding version 3.1.0.
- arp_all_targets
- Specifies the quantity of arp_ip_targets that must be reachable
- in order for the ARP monitor to consider a slave as being up.
- This option affects only active-backup mode for slaves with
- arp_validation enabled.
- Possible values are:
- any or 0
- consider the slave up only when any of the arp_ip_targets
- is reachable
- all or 1
- consider the slave up only when all of the arp_ip_targets
- are reachable
- downdelay
- Specifies the time, in milliseconds, to wait before disabling
- a slave after a link failure has been detected. This option
- is only valid for the miimon link monitor. The downdelay
- value should be a multiple of the miimon value; if not, it
- will be rounded down to the nearest multiple. The default
- value is 0.
- fail_over_mac
- Specifies whether active-backup mode should set all slaves to
- the same MAC address at enslavement (the traditional
- behavior), or, when enabled, perform special handling of the
- bond's MAC address in accordance with the selected policy.
- Possible values are:
- none or 0
- This setting disables fail_over_mac, and causes
- bonding to set all slaves of an active-backup bond to
- the same MAC address at enslavement time. This is the
- default.
- active or 1
- The "active" fail_over_mac policy indicates that the
- MAC address of the bond should always be the MAC
- address of the currently active slave. The MAC
- address of the slaves is not changed; instead, the MAC
- address of the bond changes during a failover.
- This policy is useful for devices that cannot ever
- alter their MAC address, or for devices that refuse
- incoming broadcasts with their own source MAC (which
- interferes with the ARP monitor).
- The down side of this policy is that every device on
- the network must be updated via gratuitous ARP,
- vs. just updating a switch or set of switches (which
- often takes place for any traffic, not just ARP
- traffic, if the switch snoops incoming traffic to
- update its tables) for the traditional method. If the
- gratuitous ARP is lost, communication may be
- disrupted.
- When this policy is used in conjunction with the mii
- monitor, devices which assert link up prior to being
- able to actually transmit and receive are particularly
- susceptible to loss of the gratuitous ARP, and an
- appropriate updelay setting may be required.
- follow or 2
- The "follow" fail_over_mac policy causes the MAC
- address of the bond to be selected normally (normally
- the MAC address of the first slave added to the bond).
- However, the second and subsequent slaves are not set
- to this MAC address while they are in a backup role; a
- slave is programmed with the bond's MAC address at
- failover time (and the formerly active slave receives
- the newly active slave's MAC address).
- This policy is useful for multiport devices that
- either become confused or incur a performance penalty
- when multiple ports are programmed with the same MAC
- address.
- The default policy is none, unless the first slave cannot
- change its MAC address, in which case the active policy is
- selected by default.
- This option may be modified via sysfs only when no slaves are
- present in the bond.
- This option was added in bonding version 3.2.0. The "follow"
- policy was added in bonding version 3.3.0.
- lacp_rate
- Option specifying the rate in which we'll ask our link partner
- to transmit LACPDU packets in 802.3ad mode. Possible values
- are:
- slow or 0
- Request partner to transmit LACPDUs every 30 seconds
- fast or 1
- Request partner to transmit LACPDUs every 1 second
- The default is slow.
- max_bonds
- Specifies the number of bonding devices to create for this
- instance of the bonding driver. E.g., if max_bonds is 3, and
- the bonding driver is not already loaded, then bond0, bond1
- and bond2 will be created. The default value is 1. Specifying
- a value of 0 will load bonding, but will not create any devices.
- miimon
- Specifies the MII link monitoring frequency in milliseconds.
- This determines how often the link state of each slave is
- inspected for link failures. A value of zero disables MII
- link monitoring. A value of 100 is a good starting point.
- The use_carrier option, below, affects how the link state is
- determined. See the High Availability section for additional
- information. The default value is 0.
- min_links
- Specifies the minimum number of links that must be active before
- asserting carrier. It is similar to the Cisco EtherChannel min-links
- feature. This allows setting the minimum number of member ports that
- must be up (link-up state) before marking the bond device as up
- (carrier on). This is useful for situations where higher level services
- such as clustering want to ensure a minimum number of low bandwidth
- links are active before switchover. This option only affect 802.3ad
- mode.
- The default value is 0. This will cause carrier to be asserted (for
- 802.3ad mode) whenever there is an active aggregator, regardless of the
- number of available links in that aggregator. Note that, because an
- aggregator cannot be active without at least one available link,
- setting this option to 0 or to 1 has the exact same effect.
- mode
- Specifies one of the bonding policies. The default is
- balance-rr (round robin). Possible values are:
- balance-rr or 0
- Round-robin policy: Transmit packets in sequential
- order from the first available slave through the
- last. This mode provides load balancing and fault
- tolerance.
- active-backup or 1
- Active-backup policy: Only one slave in the bond is
- active. A different slave becomes active if, and only
- if, the active slave fails. The bond's MAC address is
- externally visible on only one port (network adapter)
- to avoid confusing the switch.
- In bonding version 2.6.2 or later, when a failover
- occurs in active-backup mode, bonding will issue one
- or more gratuitous ARPs on the newly active slave.
- One gratuitous ARP is issued for the bonding master
- interface and each VLAN interfaces configured above
- it, provided that the interface has at least one IP
- address configured. Gratuitous ARPs issued for VLAN
- interfaces are tagged with the appropriate VLAN id.
- This mode provides fault tolerance. The primary
- option, documented below, affects the behavior of this
- mode.
- balance-xor or 2
- XOR policy: Transmit based on the selected transmit
- hash policy. The default policy is a simple [(source
- MAC address XOR'd with destination MAC address XOR
- packet type ID) modulo slave count]. Alternate transmit
- policies may be selected via the xmit_hash_policy option,
- described below.
- This mode provides load balancing and fault tolerance.
- broadcast or 3
- Broadcast policy: transmits everything on all slave
- interfaces. This mode provides fault tolerance.
- 802.3ad or 4
- IEEE 802.3ad Dynamic link aggregation. Creates
- aggregation groups that share the same speed and
- duplex settings. Utilizes all slaves in the active
- aggregator according to the 802.3ad specification.
- Slave selection for outgoing traffic is done according
- to the transmit hash policy, which may be changed from
- the default simple XOR policy via the xmit_hash_policy
- option, documented below. Note that not all transmit
- policies may be 802.3ad compliant, particularly in
- regards to the packet mis-ordering requirements of
- section 43.2.4 of the 802.3ad standard. Differing
- peer implementations will have varying tolerances for
- noncompliance.
- Prerequisites:
- 1. Ethtool support in the base drivers for retrieving
- the speed and duplex of each slave.
- 2. A switch that supports IEEE 802.3ad Dynamic link
- aggregation.
- Most switches will require some type of configuration
- to enable 802.3ad mode.
- balance-tlb or 5
- Adaptive transmit load balancing: channel bonding that
- does not require any special switch support.
- In tlb_dynamic_lb=1 mode; the outgoing traffic is
- distributed according to the current load (computed
- relative to the speed) on each slave.
- In tlb_dynamic_lb=0 mode; the load balancing based on
- current load is disabled and the load is distributed
- only using the hash distribution.
- Incoming traffic is received by the current slave.
- If the receiving slave fails, another slave takes over
- the MAC address of the failed receiving slave.
- Prerequisite:
- Ethtool support in the base drivers for retrieving the
- speed of each slave.
- balance-alb or 6
- Adaptive load balancing: includes balance-tlb plus
- receive load balancing (rlb) for IPV4 traffic, and
- does not require any special switch support. The
- receive load balancing is achieved by ARP negotiation.
- The bonding driver intercepts the ARP Replies sent by
- the local system on their way out and overwrites the
- source hardware address with the unique hardware
- address of one of the slaves in the bond such that
- different peers use different hardware addresses for
- the server.
- Receive traffic from connections created by the server
- is also balanced. When the local system sends an ARP
- Request the bonding driver copies and saves the peer's
- IP information from the ARP packet. When the ARP
- Reply arrives from the peer, its hardware address is
- retrieved and the bonding driver initiates an ARP
- reply to this peer assigning it to one of the slaves
- in the bond. A problematic outcome of using ARP
- negotiation for balancing is that each time that an
- ARP request is broadcast it uses the hardware address
- of the bond. Hence, peers learn the hardware address
- of the bond and the balancing of receive traffic
- collapses to the current slave. This is handled by
- sending updates (ARP Replies) to all the peers with
- their individually assigned hardware address such that
- the traffic is redistributed. Receive traffic is also
- redistributed when a new slave is added to the bond
- and when an inactive slave is re-activated. The
- receive load is distributed sequentially (round robin)
- among the group of highest speed slaves in the bond.
- When a link is reconnected or a new slave joins the
- bond the receive traffic is redistributed among all
- active slaves in the bond by initiating ARP Replies
- with the selected MAC address to each of the
- clients. The updelay parameter (detailed below) must
- be set to a value equal or greater than the switch's
- forwarding delay so that the ARP Replies sent to the
- peers will not be blocked by the switch.
- Prerequisites:
- 1. Ethtool support in the base drivers for retrieving
- the speed of each slave.
- 2. Base driver support for setting the hardware
- address of a device while it is open. This is
- required so that there will always be one slave in the
- team using the bond hardware address (the
- curr_active_slave) while having a unique hardware
- address for each slave in the bond. If the
- curr_active_slave fails its hardware address is
- swapped with the new curr_active_slave that was
- chosen.
- num_grat_arp
- num_unsol_na
- Specify the number of peer notifications (gratuitous ARPs and
- unsolicited IPv6 Neighbor Advertisements) to be issued after a
- failover event. As soon as the link is up on the new slave
- (possibly immediately) a peer notification is sent on the
- bonding device and each VLAN sub-device. This is repeated at
- each link monitor interval (arp_interval or miimon, whichever
- is active) if the number is greater than 1.
- The valid range is 0 - 255; the default value is 1. These options
- affect only the active-backup mode. These options were added for
- bonding versions 3.3.0 and 3.4.0 respectively.
- From Linux 3.0 and bonding version 3.7.1, these notifications
- are generated by the ipv4 and ipv6 code and the numbers of
- repetitions cannot be set independently.
- packets_per_slave
- Specify the number of packets to transmit through a slave before
- moving to the next one. When set to 0 then a slave is chosen at
- random.
- The valid range is 0 - 65535; the default value is 1. This option
- has effect only in balance-rr mode.
- primary
- A string (eth0, eth2, etc) specifying which slave is the
- primary device. The specified device will always be the
- active slave while it is available. Only when the primary is
- off-line will alternate devices be used. This is useful when
- one slave is preferred over another, e.g., when one slave has
- higher throughput than another.
- The primary option is only valid for active-backup(1),
- balance-tlb (5) and balance-alb (6) mode.
- primary_reselect
- Specifies the reselection policy for the primary slave. This
- affects how the primary slave is chosen to become the active slave
- when failure of the active slave or recovery of the primary slave
- occurs. This option is designed to prevent flip-flopping between
- the primary slave and other slaves. Possible values are:
- always or 0 (default)
- The primary slave becomes the active slave whenever it
- comes back up.
- better or 1
- The primary slave becomes the active slave when it comes
- back up, if the speed and duplex of the primary slave is
- better than the speed and duplex of the current active
- slave.
- failure or 2
- The primary slave becomes the active slave only if the
- current active slave fails and the primary slave is up.
- The primary_reselect setting is ignored in two cases:
- If no slaves are active, the first slave to recover is
- made the active slave.
- When initially enslaved, the primary slave is always made
- the active slave.
- Changing the primary_reselect policy via sysfs will cause an
- immediate selection of the best active slave according to the new
- policy. This may or may not result in a change of the active
- slave, depending upon the circumstances.
- This option was added for bonding version 3.6.0.
- tlb_dynamic_lb
- Specifies if dynamic shuffling of flows is enabled in tlb
- mode. The value has no effect on any other modes.
- The default behavior of tlb mode is to shuffle active flows across
- slaves based on the load in that interval. This gives nice lb
- characteristics but can cause packet reordering. If re-ordering is
- a concern use this variable to disable flow shuffling and rely on
- load balancing provided solely by the hash distribution.
- xmit-hash-policy can be used to select the appropriate hashing for
- the setup.
- The sysfs entry can be used to change the setting per bond device
- and the initial value is derived from the module parameter. The
- sysfs entry is allowed to be changed only if the bond device is
- down.
- The default value is "1" that enables flow shuffling while value "0"
- disables it. This option was added in bonding driver 3.7.1
- updelay
- Specifies the time, in milliseconds, to wait before enabling a
- slave after a link recovery has been detected. This option is
- only valid for the miimon link monitor. The updelay value
- should be a multiple of the miimon value; if not, it will be
- rounded down to the nearest multiple. The default value is 0.
- use_carrier
- Specifies whether or not miimon should use MII or ETHTOOL
- ioctls vs. netif_carrier_ok() to determine the link
- status. The MII or ETHTOOL ioctls are less efficient and
- utilize a deprecated calling sequence within the kernel. The
- netif_carrier_ok() relies on the device driver to maintain its
- state with netif_carrier_on/off; at this writing, most, but
- not all, device drivers support this facility.
- If bonding insists that the link is up when it should not be,
- it may be that your network device driver does not support
- netif_carrier_on/off. The default state for netif_carrier is
- "carrier on," so if a driver does not support netif_carrier,
- it will appear as if the link is always up. In this case,
- setting use_carrier to 0 will cause bonding to revert to the
- MII / ETHTOOL ioctl method to determine the link state.
- A value of 1 enables the use of netif_carrier_ok(), a value of
- 0 will use the deprecated MII / ETHTOOL ioctls. The default
- value is 1.
- xmit_hash_policy
- Selects the transmit hash policy to use for slave selection in
- balance-xor, 802.3ad, and tlb modes. Possible values are:
- layer2
- Uses XOR of hardware MAC addresses and packet type ID
- field to generate the hash. The formula is
- hash = source MAC XOR destination MAC XOR packet type ID
- slave number = hash modulo slave count
- This algorithm will place all traffic to a particular
- network peer on the same slave.
- This algorithm is 802.3ad compliant.
- layer2+3
- This policy uses a combination of layer2 and layer3
- protocol information to generate the hash.
- Uses XOR of hardware MAC addresses and IP addresses to
- generate the hash. The formula is
- hash = source MAC XOR destination MAC XOR packet type ID
- hash = hash XOR source IP XOR destination IP
- hash = hash XOR (hash RSHIFT 16)
- hash = hash XOR (hash RSHIFT 8)
- And then hash is reduced modulo slave count.
- If the protocol is IPv6 then the source and destination
- addresses are first hashed using ipv6_addr_hash.
- This algorithm will place all traffic to a particular
- network peer on the same slave. For non-IP traffic,
- the formula is the same as for the layer2 transmit
- hash policy.
- This policy is intended to provide a more balanced
- distribution of traffic than layer2 alone, especially
- in environments where a layer3 gateway device is
- required to reach most destinations.
- This algorithm is 802.3ad compliant.
- layer3+4
- This policy uses upper layer protocol information,
- when available, to generate the hash. This allows for
- traffic to a particular network peer to span multiple
- slaves, although a single connection will not span
- multiple slaves.
- The formula for unfragmented TCP and UDP packets is
- hash = source port, destination port (as in the header)
- hash = hash XOR source IP XOR destination IP
- hash = hash XOR (hash RSHIFT 16)
- hash = hash XOR (hash RSHIFT 8)
- And then hash is reduced modulo slave count.
- If the protocol is IPv6 then the source and destination
- addresses are first hashed using ipv6_addr_hash.
- For fragmented TCP or UDP packets and all other IPv4 and
- IPv6 protocol traffic, the source and destination port
- information is omitted. For non-IP traffic, the
- formula is the same as for the layer2 transmit hash
- policy.
- This algorithm is not fully 802.3ad compliant. A
- single TCP or UDP conversation containing both
- fragmented and unfragmented packets will see packets
- striped across two interfaces. This may result in out
- of order delivery. Most traffic types will not meet
- this criteria, as TCP rarely fragments traffic, and
- most UDP traffic is not involved in extended
- conversations. Other implementations of 802.3ad may
- or may not tolerate this noncompliance.
- encap2+3
- This policy uses the same formula as layer2+3 but it
- relies on skb_flow_dissect to obtain the header fields
- which might result in the use of inner headers if an
- encapsulation protocol is used. For example this will
- improve the performance for tunnel users because the
- packets will be distributed according to the encapsulated
- flows.
- encap3+4
- This policy uses the same formula as layer3+4 but it
- relies on skb_flow_dissect to obtain the header fields
- which might result in the use of inner headers if an
- encapsulation protocol is used. For example this will
- improve the performance for tunnel users because the
- packets will be distributed according to the encapsulated
- flows.
- The default value is layer2. This option was added in bonding
- version 2.6.3. In earlier versions of bonding, this parameter
- does not exist, and the layer2 policy is the only policy. The
- layer2+3 value was added for bonding version 3.2.2.
- resend_igmp
- Specifies the number of IGMP membership reports to be issued after
- a failover event. One membership report is issued immediately after
- the failover, subsequent packets are sent in each 200ms interval.
- The valid range is 0 - 255; the default value is 1. A value of 0
- prevents the IGMP membership report from being issued in response
- to the failover event.
- This option is useful for bonding modes balance-rr (0), active-backup
- (1), balance-tlb (5) and balance-alb (6), in which a failover can
- switch the IGMP traffic from one slave to another. Therefore a fresh
- IGMP report must be issued to cause the switch to forward the incoming
- IGMP traffic over the newly selected slave.
- This option was added for bonding version 3.7.0.
- lp_interval
- Specifies the number of seconds between instances where the bonding
- driver sends learning packets to each slaves peer switch.
- The valid range is 1 - 0x7fffffff; the default value is 1. This Option
- has effect only in balance-tlb and balance-alb modes.
- 3. Configuring Bonding Devices
- ==============================
- You can configure bonding using either your distro's network
- initialization scripts, or manually using either iproute2 or the
- sysfs interface. Distros generally use one of three packages for the
- network initialization scripts: initscripts, sysconfig or interfaces.
- Recent versions of these packages have support for bonding, while older
- versions do not.
- We will first describe the options for configuring bonding for
- distros using versions of initscripts, sysconfig and interfaces with full
- or partial support for bonding, then provide information on enabling
- bonding without support from the network initialization scripts (i.e.,
- older versions of initscripts or sysconfig).
- If you're unsure whether your distro uses sysconfig,
- initscripts or interfaces, or don't know if it's new enough, have no fear.
- Determining this is fairly straightforward.
- First, look for a file called interfaces in /etc/network directory.
- If this file is present in your system, then your system use interfaces. See
- Configuration with Interfaces Support.
- Else, issue the command:
- $ rpm -qf /sbin/ifup
- It will respond with a line of text starting with either
- "initscripts" or "sysconfig," followed by some numbers. This is the
- package that provides your network initialization scripts.
- Next, to determine if your installation supports bonding,
- issue the command:
- $ grep ifenslave /sbin/ifup
- If this returns any matches, then your initscripts or
- sysconfig has support for bonding.
- 3.1 Configuration with Sysconfig Support
- ----------------------------------------
- This section applies to distros using a version of sysconfig
- with bonding support, for example, SuSE Linux Enterprise Server 9.
- SuSE SLES 9's networking configuration system does support
- bonding, however, at this writing, the YaST system configuration
- front end does not provide any means to work with bonding devices.
- Bonding devices can be managed by hand, however, as follows.
- First, if they have not already been configured, configure the
- slave devices. On SLES 9, this is most easily done by running the
- yast2 sysconfig configuration utility. The goal is for to create an
- ifcfg-id file for each slave device. The simplest way to accomplish
- this is to configure the devices for DHCP (this is only to get the
- file ifcfg-id file created; see below for some issues with DHCP). The
- name of the configuration file for each device will be of the form:
- ifcfg-id-xx:xx:xx:xx:xx:xx
- Where the "xx" portion will be replaced with the digits from
- the device's permanent MAC address.
- Once the set of ifcfg-id-xx:xx:xx:xx:xx:xx files has been
- created, it is necessary to edit the configuration files for the slave
- devices (the MAC addresses correspond to those of the slave devices).
- Before editing, the file will contain multiple lines, and will look
- something like this:
- BOOTPROTO='dhcp'
- STARTMODE='on'
- USERCTL='no'
- UNIQUE='XNzu.WeZGOGF+4wE'
- _nm_name='bus-pci-0001:61:01.0'
- Change the BOOTPROTO and STARTMODE lines to the following:
- BOOTPROTO='none'
- STARTMODE='off'
- Do not alter the UNIQUE or _nm_name lines. Remove any other
- lines (USERCTL, etc).
- Once the ifcfg-id-xx:xx:xx:xx:xx:xx files have been modified,
- it's time to create the configuration file for the bonding device
- itself. This file is named ifcfg-bondX, where X is the number of the
- bonding device to create, starting at 0. The first such file is
- ifcfg-bond0, the second is ifcfg-bond1, and so on. The sysconfig
- network configuration system will correctly start multiple instances
- of bonding.
- The contents of the ifcfg-bondX file is as follows:
- BOOTPROTO="static"
- BROADCAST="10.0.2.255"
- IPADDR="10.0.2.10"
- NETMASK="255.255.0.0"
- NETWORK="10.0.2.0"
- REMOTE_IPADDR=""
- STARTMODE="onboot"
- BONDING_MASTER="yes"
- BONDING_MODULE_OPTS="mode=active-backup miimon=100"
- BONDING_SLAVE0="eth0"
- BONDING_SLAVE1="bus-pci-0000:06:08.1"
- Replace the sample BROADCAST, IPADDR, NETMASK and NETWORK
- values with the appropriate values for your network.
- The STARTMODE specifies when the device is brought online.
- The possible values are:
- onboot: The device is started at boot time. If you're not
- sure, this is probably what you want.
- manual: The device is started only when ifup is called
- manually. Bonding devices may be configured this
- way if you do not wish them to start automatically
- at boot for some reason.
- hotplug: The device is started by a hotplug event. This is not
- a valid choice for a bonding device.
- off or ignore: The device configuration is ignored.
- The line BONDING_MASTER='yes' indicates that the device is a
- bonding master device. The only useful value is "yes."
- The contents of BONDING_MODULE_OPTS are supplied to the
- instance of the bonding module for this device. Specify the options
- for the bonding mode, link monitoring, and so on here. Do not include
- the max_bonds bonding parameter; this will confuse the configuration
- system if you have multiple bonding devices.
- Finally, supply one BONDING_SLAVEn="slave device" for each
- slave. where "n" is an increasing value, one for each slave. The
- "slave device" is either an interface name, e.g., "eth0", or a device
- specifier for the network device. The interface name is easier to
- find, but the ethN names are subject to change at boot time if, e.g.,
- a device early in the sequence has failed. The device specifiers
- (bus-pci-0000:06:08.1 in the example above) specify the physical
- network device, and will not change unless the device's bus location
- changes (for example, it is moved from one PCI slot to another). The
- example above uses one of each type for demonstration purposes; most
- configurations will choose one or the other for all slave devices.
- When all configuration files have been modified or created,
- networking must be restarted for the configuration changes to take
- effect. This can be accomplished via the following:
- # /etc/init.d/network restart
- Note that the network control script (/sbin/ifdown) will
- remove the bonding module as part of the network shutdown processing,
- so it is not necessary to remove the module by hand if, e.g., the
- module parameters have changed.
- Also, at this writing, YaST/YaST2 will not manage bonding
- devices (they do not show bonding interfaces on its list of network
- devices). It is necessary to edit the configuration file by hand to
- change the bonding configuration.
- Additional general options and details of the ifcfg file
- format can be found in an example ifcfg template file:
- /etc/sysconfig/network/ifcfg.template
- Note that the template does not document the various BONDING_
- settings described above, but does describe many of the other options.
- 3.1.1 Using DHCP with Sysconfig
- -------------------------------
- Under sysconfig, configuring a device with BOOTPROTO='dhcp'
- will cause it to query DHCP for its IP address information. At this
- writing, this does not function for bonding devices; the scripts
- attempt to obtain the device address from DHCP prior to adding any of
- the slave devices. Without active slaves, the DHCP requests are not
- sent to the network.
- 3.1.2 Configuring Multiple Bonds with Sysconfig
- -----------------------------------------------
- The sysconfig network initialization system is capable of
- handling multiple bonding devices. All that is necessary is for each
- bonding instance to have an appropriately configured ifcfg-bondX file
- (as described above). Do not specify the "max_bonds" parameter to any
- instance of bonding, as this will confuse sysconfig. If you require
- multiple bonding devices with identical parameters, create multiple
- ifcfg-bondX files.
- Because the sysconfig scripts supply the bonding module
- options in the ifcfg-bondX file, it is not necessary to add them to
- the system /etc/modules.d/*.conf configuration files.
- 3.2 Configuration with Initscripts Support
- ------------------------------------------
- This section applies to distros using a recent version of
- initscripts with bonding support, for example, Red Hat Enterprise Linux
- version 3 or later, Fedora, etc. On these systems, the network
- initialization scripts have knowledge of bonding, and can be configured to
- control bonding devices. Note that older versions of the initscripts
- package have lower levels of support for bonding; this will be noted where
- applicable.
- These distros will not automatically load the network adapter
- driver unless the ethX device is configured with an IP address.
- Because of this constraint, users must manually configure a
- network-script file for all physical adapters that will be members of
- a bondX link. Network script files are located in the directory:
- /etc/sysconfig/network-scripts
- The file name must be prefixed with "ifcfg-eth" and suffixed
- with the adapter's physical adapter number. For example, the script
- for eth0 would be named /etc/sysconfig/network-scripts/ifcfg-eth0.
- Place the following text in the file:
- DEVICE=eth0
- USERCTL=no
- ONBOOT=yes
- MASTER=bond0
- SLAVE=yes
- BOOTPROTO=none
- The DEVICE= line will be different for every ethX device and
- must correspond with the name of the file, i.e., ifcfg-eth1 must have
- a device line of DEVICE=eth1. The setting of the MASTER= line will
- also depend on the final bonding interface name chosen for your bond.
- As with other network devices, these typically start at 0, and go up
- one for each device, i.e., the first bonding instance is bond0, the
- second is bond1, and so on.
- Next, create a bond network script. The file name for this
- script will be /etc/sysconfig/network-scripts/ifcfg-bondX where X is
- the number of the bond. For bond0 the file is named "ifcfg-bond0",
- for bond1 it is named "ifcfg-bond1", and so on. Within that file,
- place the following text:
- DEVICE=bond0
- IPADDR=192.168.1.1
- NETMASK=255.255.255.0
- NETWORK=192.168.1.0
- BROADCAST=192.168.1.255
- ONBOOT=yes
- BOOTPROTO=none
- USERCTL=no
- Be sure to change the networking specific lines (IPADDR,
- NETMASK, NETWORK and BROADCAST) to match your network configuration.
- For later versions of initscripts, such as that found with Fedora
- 7 (or later) and Red Hat Enterprise Linux version 5 (or later), it is possible,
- and, indeed, preferable, to specify the bonding options in the ifcfg-bond0
- file, e.g. a line of the format:
- BONDING_OPTS="mode=active-backup arp_interval=60 arp_ip_target=192.168.1.254"
- will configure the bond with the specified options. The options
- specified in BONDING_OPTS are identical to the bonding module parameters
- except for the arp_ip_target field when using versions of initscripts older
- than and 8.57 (Fedora 8) and 8.45.19 (Red Hat Enterprise Linux 5.2). When
- using older versions each target should be included as a separate option and
- should be preceded by a '+' to indicate it should be added to the list of
- queried targets, e.g.,
- arp_ip_target=+192.168.1.1 arp_ip_target=+192.168.1.2
- is the proper syntax to specify multiple targets. When specifying
- options via BONDING_OPTS, it is not necessary to edit /etc/modprobe.d/*.conf.
- For even older versions of initscripts that do not support
- BONDING_OPTS, it is necessary to edit /etc/modprobe.d/*.conf, depending upon
- your distro) to load the bonding module with your desired options when the
- bond0 interface is brought up. The following lines in /etc/modprobe.d/*.conf
- will load the bonding module, and select its options:
- alias bond0 bonding
- options bond0 mode=balance-alb miimon=100
- Replace the sample parameters with the appropriate set of
- options for your configuration.
- Finally run "/etc/rc.d/init.d/network restart" as root. This
- will restart the networking subsystem and your bond link should be now
- up and running.
- 3.2.1 Using DHCP with Initscripts
- ---------------------------------
- Recent versions of initscripts (the versions supplied with Fedora
- Core 3 and Red Hat Enterprise Linux 4, or later versions, are reported to
- work) have support for assigning IP information to bonding devices via
- DHCP.
- To configure bonding for DHCP, configure it as described
- above, except replace the line "BOOTPROTO=none" with "BOOTPROTO=dhcp"
- and add a line consisting of "TYPE=Bonding". Note that the TYPE value
- is case sensitive.
- 3.2.2 Configuring Multiple Bonds with Initscripts
- -------------------------------------------------
- Initscripts packages that are included with Fedora 7 and Red Hat
- Enterprise Linux 5 support multiple bonding interfaces by simply
- specifying the appropriate BONDING_OPTS= in ifcfg-bondX where X is the
- number of the bond. This support requires sysfs support in the kernel,
- and a bonding driver of version 3.0.0 or later. Other configurations may
- not support this method for specifying multiple bonding interfaces; for
- those instances, see the "Configuring Multiple Bonds Manually" section,
- below.
- 3.3 Configuring Bonding Manually with iproute2
- -----------------------------------------------
- This section applies to distros whose network initialization
- scripts (the sysconfig or initscripts package) do not have specific
- knowledge of bonding. One such distro is SuSE Linux Enterprise Server
- version 8.
- The general method for these systems is to place the bonding
- module parameters into a config file in /etc/modprobe.d/ (as
- appropriate for the installed distro), then add modprobe and/or
- `ip link` commands to the system's global init script. The name of
- the global init script differs; for sysconfig, it is
- /etc/init.d/boot.local and for initscripts it is /etc/rc.d/rc.local.
- For example, if you wanted to make a simple bond of two e100
- devices (presumed to be eth0 and eth1), and have it persist across
- reboots, edit the appropriate file (/etc/init.d/boot.local or
- /etc/rc.d/rc.local), and add the following:
- modprobe bonding mode=balance-alb miimon=100
- modprobe e100
- ifconfig bond0 192.168.1.1 netmask 255.255.255.0 up
- ip link set eth0 master bond0
- ip link set eth1 master bond0
- Replace the example bonding module parameters and bond0
- network configuration (IP address, netmask, etc) with the appropriate
- values for your configuration.
- Unfortunately, this method will not provide support for the
- ifup and ifdown scripts on the bond devices. To reload the bonding
- configuration, it is necessary to run the initialization script, e.g.,
- # /etc/init.d/boot.local
- or
- # /etc/rc.d/rc.local
- It may be desirable in such a case to create a separate script
- which only initializes the bonding configuration, then call that
- separate script from within boot.local. This allows for bonding to be
- enabled without re-running the entire global init script.
- To shut down the bonding devices, it is necessary to first
- mark the bonding device itself as being down, then remove the
- appropriate device driver modules. For our example above, you can do
- the following:
- # ifconfig bond0 down
- # rmmod bonding
- # rmmod e100
- Again, for convenience, it may be desirable to create a script
- with these commands.
- 3.3.1 Configuring Multiple Bonds Manually
- -----------------------------------------
- This section contains information on configuring multiple
- bonding devices with differing options for those systems whose network
- initialization scripts lack support for configuring multiple bonds.
- If you require multiple bonding devices, but all with the same
- options, you may wish to use the "max_bonds" module parameter,
- documented above.
- To create multiple bonding devices with differing options, it is
- preferable to use bonding parameters exported by sysfs, documented in the
- section below.
- For versions of bonding without sysfs support, the only means to
- provide multiple instances of bonding with differing options is to load
- the bonding driver multiple times. Note that current versions of the
- sysconfig network initialization scripts handle this automatically; if
- your distro uses these scripts, no special action is needed. See the
- section Configuring Bonding Devices, above, if you're not sure about your
- network initialization scripts.
- To load multiple instances of the module, it is necessary to
- specify a different name for each instance (the module loading system
- requires that every loaded module, even multiple instances of the same
- module, have a unique name). This is accomplished by supplying multiple
- sets of bonding options in /etc/modprobe.d/*.conf, for example:
- alias bond0 bonding
- options bond0 -o bond0 mode=balance-rr miimon=100
- alias bond1 bonding
- options bond1 -o bond1 mode=balance-alb miimon=50
- will load the bonding module two times. The first instance is
- named "bond0" and creates the bond0 device in balance-rr mode with an
- miimon of 100. The second instance is named "bond1" and creates the
- bond1 device in balance-alb mode with an miimon of 50.
- In some circumstances (typically with older distributions),
- the above does not work, and the second bonding instance never sees
- its options. In that case, the second options line can be substituted
- as follows:
- install bond1 /sbin/modprobe --ignore-install bonding -o bond1 \
- mode=balance-alb miimon=50
- This may be repeated any number of times, specifying a new and
- unique name in place of bond1 for each subsequent instance.
- It has been observed that some Red Hat supplied kernels are unable
- to rename modules at load time (the "-o bond1" part). Attempts to pass
- that option to modprobe will produce an "Operation not permitted" error.
- This has been reported on some Fedora Core kernels, and has been seen on
- RHEL 4 as well. On kernels exhibiting this problem, it will be impossible
- to configure multiple bonds with differing parameters (as they are older
- kernels, and also lack sysfs support).
- 3.4 Configuring Bonding Manually via Sysfs
- ------------------------------------------
- Starting with version 3.0.0, Channel Bonding may be configured
- via the sysfs interface. This interface allows dynamic configuration
- of all bonds in the system without unloading the module. It also
- allows for adding and removing bonds at runtime. Ifenslave is no
- longer required, though it is still supported.
- Use of the sysfs interface allows you to use multiple bonds
- with different configurations without having to reload the module.
- It also allows you to use multiple, differently configured bonds when
- bonding is compiled into the kernel.
- You must have the sysfs filesystem mounted to configure
- bonding this way. The examples in this document assume that you
- are using the standard mount point for sysfs, e.g. /sys. If your
- sysfs filesystem is mounted elsewhere, you will need to adjust the
- example paths accordingly.
- Creating and Destroying Bonds
- -----------------------------
- To add a new bond foo:
- # echo +foo > /sys/class/net/bonding_masters
- To remove an existing bond bar:
- # echo -bar > /sys/class/net/bonding_masters
- To show all existing bonds:
- # cat /sys/class/net/bonding_masters
- NOTE: due to 4K size limitation of sysfs files, this list may be
- truncated if you have more than a few hundred bonds. This is unlikely
- to occur under normal operating conditions.
- Adding and Removing Slaves
- --------------------------
- Interfaces may be enslaved to a bond using the file
- /sys/class/net/<bond>/bonding/slaves. The semantics for this file
- are the same as for the bonding_masters file.
- To enslave interface eth0 to bond bond0:
- # ifconfig bond0 up
- # echo +eth0 > /sys/class/net/bond0/bonding/slaves
- To free slave eth0 from bond bond0:
- # echo -eth0 > /sys/class/net/bond0/bonding/slaves
- When an interface is enslaved to a bond, symlinks between the
- two are created in the sysfs filesystem. In this case, you would get
- /sys/class/net/bond0/slave_eth0 pointing to /sys/class/net/eth0, and
- /sys/class/net/eth0/master pointing to /sys/class/net/bond0.
- This means that you can tell quickly whether or not an
- interface is enslaved by looking for the master symlink. Thus:
- # echo -eth0 > /sys/class/net/eth0/master/bonding/slaves
- will free eth0 from whatever bond it is enslaved to, regardless of
- the name of the bond interface.
- Changing a Bond's Configuration
- -------------------------------
- Each bond may be configured individually by manipulating the
- files located in /sys/class/net/<bond name>/bonding
- The names of these files correspond directly with the command-
- line parameters described elsewhere in this file, and, with the
- exception of arp_ip_target, they accept the same values. To see the
- current setting, simply cat the appropriate file.
- A few examples will be given here; for specific usage
- guidelines for each parameter, see the appropriate section in this
- document.
- To configure bond0 for balance-alb mode:
- # ifconfig bond0 down
- # echo 6 > /sys/class/net/bond0/bonding/mode
- - or -
- # echo balance-alb > /sys/class/net/bond0/bonding/mode
- NOTE: The bond interface must be down before the mode can be
- changed.
- To enable MII monitoring on bond0 with a 1 second interval:
- # echo 1000 > /sys/class/net/bond0/bonding/miimon
- NOTE: If ARP monitoring is enabled, it will disabled when MII
- monitoring is enabled, and vice-versa.
- To add ARP targets:
- # echo +192.168.0.100 > /sys/class/net/bond0/bonding/arp_ip_target
- # echo +192.168.0.101 > /sys/class/net/bond0/bonding/arp_ip_target
- NOTE: up to 16 target addresses may be specified.
- To remove an ARP target:
- # echo -192.168.0.100 > /sys/class/net/bond0/bonding/arp_ip_target
- To configure the interval between learning packet transmits:
- # echo 12 > /sys/class/net/bond0/bonding/lp_interval
- NOTE: the lp_inteval is the number of seconds between instances where
- the bonding driver sends learning packets to each slaves peer switch. The
- default interval is 1 second.
- Example Configuration
- ---------------------
- We begin with the same example that is shown in section 3.3,
- executed with sysfs, and without using ifenslave.
- To make a simple bond of two e100 devices (presumed to be eth0
- and eth1), and have it persist across reboots, edit the appropriate
- file (/etc/init.d/boot.local or /etc/rc.d/rc.local), and add the
- following:
- modprobe bonding
- modprobe e100
- echo balance-alb > /sys/class/net/bond0/bonding/mode
- ifconfig bond0 192.168.1.1 netmask 255.255.255.0 up
- echo 100 > /sys/class/net/bond0/bonding/miimon
- echo +eth0 > /sys/class/net/bond0/bonding/slaves
- echo +eth1 > /sys/class/net/bond0/bonding/slaves
- To add a second bond, with two e1000 interfaces in
- active-backup mode, using ARP monitoring, add the following lines to
- your init script:
- modprobe e1000
- echo +bond1 > /sys/class/net/bonding_masters
- echo active-backup > /sys/class/net/bond1/bonding/mode
- ifconfig bond1 192.168.2.1 netmask 255.255.255.0 up
- echo +192.168.2.100 /sys/class/net/bond1/bonding/arp_ip_target
- echo 2000 > /sys/class/net/bond1/bonding/arp_interval
- echo +eth2 > /sys/class/net/bond1/bonding/slaves
- echo +eth3 > /sys/class/net/bond1/bonding/slaves
- 3.5 Configuration with Interfaces Support
- -----------------------------------------
- This section applies to distros which use /etc/network/interfaces file
- to describe network interface configuration, most notably Debian and it's
- derivatives.
- The ifup and ifdown commands on Debian don't support bonding out of
- the box. The ifenslave-2.6 package should be installed to provide bonding
- support. Once installed, this package will provide bond-* options to be used
- into /etc/network/interfaces.
- Note that ifenslave-2.6 package will load the bonding module and use
- the ifenslave command when appropriate.
- Example Configurations
- ----------------------
- In /etc/network/interfaces, the following stanza will configure bond0, in
- active-backup mode, with eth0 and eth1 as slaves.
- auto bond0
- iface bond0 inet dhcp
- bond-slaves eth0 eth1
- bond-mode active-backup
- bond-miimon 100
- bond-primary eth0 eth1
- If the above configuration doesn't work, you might have a system using
- upstart for system startup. This is most notably true for recent
- Ubuntu versions. The following stanza in /etc/network/interfaces will
- produce the same result on those systems.
- auto bond0
- iface bond0 inet dhcp
- bond-slaves none
- bond-mode active-backup
- bond-miimon 100
- auto eth0
- iface eth0 inet manual
- bond-master bond0
- bond-primary eth0 eth1
- auto eth1
- iface eth1 inet manual
- bond-master bond0
- bond-primary eth0 eth1
- For a full list of bond-* supported options in /etc/network/interfaces and some
- more advanced examples tailored to you particular distros, see the files in
- /usr/share/doc/ifenslave-2.6.
- 3.6 Overriding Configuration for Special Cases
- ----------------------------------------------
- When using the bonding driver, the physical port which transmits a frame is
- typically selected by the bonding driver, and is not relevant to the user or
- system administrator. The output port is simply selected using the policies of
- the selected bonding mode. On occasion however, it is helpful to direct certain
- classes of traffic to certain physical interfaces on output to implement
- slightly more complex policies. For example, to reach a web server over a
- bonded interface in which eth0 connects to a private network, while eth1
- connects via a public network, it may be desirous to bias the bond to send said
- traffic over eth0 first, using eth1 only as a fall back, while all other traffic
- can safely be sent over either interface. Such configurations may be achieved
- using the traffic control utilities inherent in linux.
- By default the bonding driver is multiqueue aware and 16 queues are created
- when the driver initializes (see Documentation/networking/multiqueue.txt
- for details). If more or less queues are desired the module parameter
- tx_queues can be used to change this value. There is no sysfs parameter
- available as the allocation is done at module init time.
- The output of the file /proc/net/bonding/bondX has changed so the output Queue
- ID is now printed for each slave:
- Bonding Mode: fault-tolerance (active-backup)
- Primary Slave: None
- Currently Active Slave: eth0
- MII Status: up
- MII Polling Interval (ms): 0
- Up Delay (ms): 0
- Down Delay (ms): 0
- Slave Interface: eth0
- MII Status: up
- Link Failure Count: 0
- Permanent HW addr: 00:1a:a0:12:8f:cb
- Slave queue ID: 0
- Slave Interface: eth1
- MII Status: up
- Link Failure Count: 0
- Permanent HW addr: 00:1a:a0:12:8f:cc
- Slave queue ID: 2
- The queue_id for a slave can be set using the command:
- # echo "eth1:2" > /sys/class/net/bond0/bonding/queue_id
- Any interface that needs a queue_id set should set it with multiple calls
- like the one above until proper priorities are set for all interfaces. On
- distributions that allow configuration via initscripts, multiple 'queue_id'
- arguments can be added to BONDING_OPTS to set all needed slave queues.
- These queue id's can be used in conjunction with the tc utility to configure
- a multiqueue qdisc and filters to bias certain traffic to transmit on certain
- slave devices. For instance, say we wanted, in the above configuration to
- force all traffic bound to 192.168.1.100 to use eth1 in the bond as its output
- device. The following commands would accomplish this:
- # tc qdisc add dev bond0 handle 1 root multiq
- # tc filter add dev bond0 protocol ip parent 1: prio 1 u32 match ip dst \
- 192.168.1.100 action skbedit queue_mapping 2
- These commands tell the kernel to attach a multiqueue queue discipline to the
- bond0 interface and filter traffic enqueued to it, such that packets with a dst
- ip of 192.168.1.100 have their output queue mapping value overwritten to 2.
- This value is then passed into the driver, causing the normal output path
- selection policy to be overridden, selecting instead qid 2, which maps to eth1.
- Note that qid values begin at 1. Qid 0 is reserved to initiate to the driver
- that normal output policy selection should take place. One benefit to simply
- leaving the qid for a slave to 0 is the multiqueue awareness in the bonding
- driver that is now present. This awareness allows tc filters to be placed on
- slave devices as well as bond devices and the bonding driver will simply act as
- a pass-through for selecting output queues on the slave device rather than
- output port selection.
- This feature first appeared in bonding driver version 3.7.0 and support for
- output slave selection was limited to round-robin and active-backup modes.
- 3.7 Configuring LACP for 802.3ad mode in a more secure way
- ----------------------------------------------------------
- When using 802.3ad bonding mode, the Actor (host) and Partner (switch)
- exchange LACPDUs. These LACPDUs cannot be sniffed, because they are
- destined to link local mac addresses (which switches/bridges are not
- supposed to forward). However, most of the values are easily predictable
- or are simply the machine's MAC address (which is trivially known to all
- other hosts in the same L2). This implies that other machines in the L2
- domain can spoof LACPDU packets from other hosts to the switch and potentially
- cause mayhem by joining (from the point of view of the switch) another
- machine's aggregate, thus receiving a portion of that hosts incoming
- traffic and / or spoofing traffic from that machine themselves (potentially
- even successfully terminating some portion of flows). Though this is not
- a likely scenario, one could avoid this possibility by simply configuring
- few bonding parameters:
- (a) ad_actor_system : You can set a random mac-address that can be used for
- these LACPDU exchanges. The value can not be either NULL or Multicast.
- Also it's preferable to set the local-admin bit. Following shell code
- generates a random mac-address as described above.
- # sys_mac_addr=$(printf '%02x:%02x:%02x:%02x:%02x:%02x' \
- $(( (RANDOM & 0xFE) | 0x02 )) \
- $(( RANDOM & 0xFF )) \
- $(( RANDOM & 0xFF )) \
- $(( RANDOM & 0xFF )) \
- $(( RANDOM & 0xFF )) \
- $(( RANDOM & 0xFF )))
- # echo $sys_mac_addr > /sys/class/net/bond0/bonding/ad_actor_system
- (b) ad_actor_sys_prio : Randomize the system priority. The default value
- is 65535, but system can take the value from 1 - 65535. Following shell
- code generates random priority and sets it.
- # sys_prio=$(( 1 + RANDOM + RANDOM ))
- # echo $sys_prio > /sys/class/net/bond0/bonding/ad_actor_sys_prio
- (c) ad_user_port_key : Use the user portion of the port-key. The default
- keeps this empty. These are the upper 10 bits of the port-key and value
- ranges from 0 - 1023. Following shell code generates these 10 bits and
- sets it.
- # usr_port_key=$(( RANDOM & 0x3FF ))
- # echo $usr_port_key > /sys/class/net/bond0/bonding/ad_user_port_key
- 4 Querying Bonding Configuration
- =================================
- 4.1 Bonding Configuration
- -------------------------
- Each bonding device has a read-only file residing in the
- /proc/net/bonding directory. The file contents include information
- about the bonding configuration, options and state of each slave.
- For example, the contents of /proc/net/bonding/bond0 after the
- driver is loaded with parameters of mode=0 and miimon=1000 is
- generally as follows:
- Ethernet Channel Bonding Driver: 2.6.1 (October 29, 2004)
- Bonding Mode: load balancing (round-robin)
- Currently Active Slave: eth0
- MII Status: up
- MII Polling Interval (ms): 1000
- Up Delay (ms): 0
- Down Delay (ms): 0
- Slave Interface: eth1
- MII Status: up
- Link Failure Count: 1
- Slave Interface: eth0
- MII Status: up
- Link Failure Count: 1
- The precise format and contents will change depending upon the
- bonding configuration, state, and version of the bonding driver.
- 4.2 Network configuration
- -------------------------
- The network configuration can be inspected using the ifconfig
- command. Bonding devices will have the MASTER flag set; Bonding slave
- devices will have the SLAVE flag set. The ifconfig output does not
- contain information on which slaves are associated with which masters.
- In the example below, the bond0 interface is the master
- (MASTER) while eth0 and eth1 are slaves (SLAVE). Notice all slaves of
- bond0 have the same MAC address (HWaddr) as bond0 for all modes except
- TLB and ALB that require a unique MAC address for each slave.
- # /sbin/ifconfig
- bond0 Link encap:Ethernet HWaddr 00:C0:F0:1F:37:B4
- inet addr:XXX.XXX.XXX.YYY Bcast:XXX.XXX.XXX.255 Mask:255.255.252.0
- UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
- RX packets:7224794 errors:0 dropped:0 overruns:0 frame:0
- TX packets:3286647 errors:1 dropped:0 overruns:1 carrier:0
- collisions:0 txqueuelen:0
- eth0 Link encap:Ethernet HWaddr 00:C0:F0:1F:37:B4
- UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
- RX packets:3573025 errors:0 dropped:0 overruns:0 frame:0
- TX packets:1643167 errors:1 dropped:0 overruns:1 carrier:0
- collisions:0 txqueuelen:100
- Interrupt:10 Base address:0x1080
- eth1 Link encap:Ethernet HWaddr 00:C0:F0:1F:37:B4
- UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
- RX packets:3651769 errors:0 dropped:0 overruns:0 frame:0
- TX packets:1643480 errors:0 dropped:0 overruns:0 carrier:0
- collisions:0 txqueuelen:100
- Interrupt:9 Base address:0x1400
- 5. Switch Configuration
- =======================
- For this section, "switch" refers to whatever system the
- bonded devices are directly connected to (i.e., where the other end of
- the cable plugs into). This may be an actual dedicated switch device,
- or it may be another regular system (e.g., another computer running
- Linux),
- The active-backup, balance-tlb and balance-alb modes do not
- require any specific configuration of the switch.
- The 802.3ad mode requires that the switch have the appropriate
- ports configured as an 802.3ad aggregation. The precise method used
- to configure this varies from switch to switch, but, for example, a
- Cisco 3550 series switch requires that the appropriate ports first be
- grouped together in a single etherchannel instance, then that
- etherchannel is set to mode "lacp" to enable 802.3ad (instead of
- standard EtherChannel).
- The balance-rr, balance-xor and broadcast modes generally
- require that the switch have the appropriate ports grouped together.
- The nomenclature for such a group differs between switches, it may be
- called an "etherchannel" (as in the Cisco example, above), a "trunk
- group" or some other similar variation. For these modes, each switch
- will also have its own configuration options for the switch's transmit
- policy to the bond. Typical choices include XOR of either the MAC or
- IP addresses. The transmit policy of the two peers does not need to
- match. For these three modes, the bonding mode really selects a
- transmit policy for an EtherChannel group; all three will interoperate
- with another EtherChannel group.
- 6. 802.1q VLAN Support
- ======================
- It is possible to configure VLAN devices over a bond interface
- using the 8021q driver. However, only packets coming from the 8021q
- driver and passing through bonding will be tagged by default. Self
- generated packets, for example, bonding's learning packets or ARP
- packets generated by either ALB mode or the ARP monitor mechanism, are
- tagged internally by bonding itself. As a result, bonding must
- "learn" the VLAN IDs configured above it, and use those IDs to tag
- self generated packets.
- For reasons of simplicity, and to support the use of adapters
- that can do VLAN hardware acceleration offloading, the bonding
- interface declares itself as fully hardware offloading capable, it gets
- the add_vid/kill_vid notifications to gather the necessary
- information, and it propagates those actions to the slaves. In case
- of mixed adapter types, hardware accelerated tagged packets that
- should go through an adapter that is not offloading capable are
- "un-accelerated" by the bonding driver so the VLAN tag sits in the
- regular location.
- VLAN interfaces *must* be added on top of a bonding interface
- only after enslaving at least one slave. The bonding interface has a
- hardware address of 00:00:00:00:00:00 until the first slave is added.
- If the VLAN interface is created prior to the first enslavement, it
- would pick up the all-zeroes hardware address. Once the first slave
- is attached to the bond, the bond device itself will pick up the
- slave's hardware address, which is then available for the VLAN device.
- Also, be aware that a similar problem can occur if all slaves
- are released from a bond that still has one or more VLAN interfaces on
- top of it. When a new slave is added, the bonding interface will
- obtain its hardware address from the first slave, which might not
- match the hardware address of the VLAN interfaces (which was
- ultimately copied from an earlier slave).
- There are two methods to insure that the VLAN device operates
- with the correct hardware address if all slaves are removed from a
- bond interface:
- 1. Remove all VLAN interfaces then recreate them
- 2. Set the bonding interface's hardware address so that it
- matches the hardware address of the VLAN interfaces.
- Note that changing a VLAN interface's HW address would set the
- underlying device -- i.e. the bonding interface -- to promiscuous
- mode, which might not be what you want.
- 7. Link Monitoring
- ==================
- The bonding driver at present supports two schemes for
- monitoring a slave device's link state: the ARP monitor and the MII
- monitor.
- At the present time, due to implementation restrictions in the
- bonding driver itself, it is not possible to enable both ARP and MII
- monitoring simultaneously.
- 7.1 ARP Monitor Operation
- -------------------------
- The ARP monitor operates as its name suggests: it sends ARP
- queries to one or more designated peer systems on the network, and
- uses the response as an indication that the link is operating. This
- gives some assurance that traffic is actually flowing to and from one
- or more peers on the local network.
- The ARP monitor relies on the device driver itself to verify
- that traffic is flowing. In particular, the driver must keep up to
- date the last receive time, dev->last_rx. Drivers that use NETIF_F_LLTX
- flag must also update netdev_queue->trans_start. If they do not, then the
- ARP monitor will immediately fail any slaves using that driver, and
- those slaves will stay down. If networking monitoring (tcpdump, etc)
- shows the ARP requests and replies on the network, then it may be that
- your device driver is not updating last_rx and trans_start.
- 7.2 Configuring Multiple ARP Targets
- ------------------------------------
- While ARP monitoring can be done with just one target, it can
- be useful in a High Availability setup to have several targets to
- monitor. In the case of just one target, the target itself may go
- down or have a problem making it unresponsive to ARP requests. Having
- an additional target (or several) increases the reliability of the ARP
- monitoring.
- Multiple ARP targets must be separated by commas as follows:
- # example options for ARP monitoring with three targets
- alias bond0 bonding
- options bond0 arp_interval=60 arp_ip_target=192.168.0.1,192.168.0.3,192.168.0.9
- For just a single target the options would resemble:
- # example options for ARP monitoring with one target
- alias bond0 bonding
- options bond0 arp_interval=60 arp_ip_target=192.168.0.100
- 7.3 MII Monitor Operation
- -------------------------
- The MII monitor monitors only the carrier state of the local
- network interface. It accomplishes this in one of three ways: by
- depending upon the device driver to maintain its carrier state, by
- querying the device's MII registers, or by making an ethtool query to
- the device.
- If the use_carrier module parameter is 1 (the default value),
- then the MII monitor will rely on the driver for carrier state
- information (via the netif_carrier subsystem). As explained in the
- use_carrier parameter information, above, if the MII monitor fails to
- detect carrier loss on the device (e.g., when the cable is physically
- disconnected), it may be that the driver does not support
- netif_carrier.
- If use_carrier is 0, then the MII monitor will first query the
- device's (via ioctl) MII registers and check the link state. If that
- request fails (not just that it returns carrier down), then the MII
- monitor will make an ethtool ETHOOL_GLINK request to attempt to obtain
- the same information. If both methods fail (i.e., the driver either
- does not support or had some error in processing both the MII register
- and ethtool requests), then the MII monitor will assume the link is
- up.
- 8. Potential Sources of Trouble
- ===============================
- 8.1 Adventures in Routing
- -------------------------
- When bonding is configured, it is important that the slave
- devices not have routes that supersede routes of the master (or,
- generally, not have routes at all). For example, suppose the bonding
- device bond0 has two slaves, eth0 and eth1, and the routing table is
- as follows:
- Kernel IP routing table
- Destination Gateway Genmask Flags MSS Window irtt Iface
- 10.0.0.0 0.0.0.0 255.255.0.0 U 40 0 0 eth0
- 10.0.0.0 0.0.0.0 255.255.0.0 U 40 0 0 eth1
- 10.0.0.0 0.0.0.0 255.255.0.0 U 40 0 0 bond0
- 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo
- This routing configuration will likely still update the
- receive/transmit times in the driver (needed by the ARP monitor), but
- may bypass the bonding driver (because outgoing traffic to, in this
- case, another host on network 10 would use eth0 or eth1 before bond0).
- The ARP monitor (and ARP itself) may become confused by this
- configuration, because ARP requests (generated by the ARP monitor)
- will be sent on one interface (bond0), but the corresponding reply
- will arrive on a different interface (eth0). This reply looks to ARP
- as an unsolicited ARP reply (because ARP matches replies on an
- interface basis), and is discarded. The MII monitor is not affected
- by the state of the routing table.
- The solution here is simply to insure that slaves do not have
- routes of their own, and if for some reason they must, those routes do
- not supersede routes of their master. This should generally be the
- case, but unusual configurations or errant manual or automatic static
- route additions may cause trouble.
- 8.2 Ethernet Device Renaming
- ----------------------------
- On systems with network configuration scripts that do not
- associate physical devices directly with network interface names (so
- that the same physical device always has the same "ethX" name), it may
- be necessary to add some special logic to config files in
- /etc/modprobe.d/.
- For example, given a modules.conf containing the following:
- alias bond0 bonding
- options bond0 mode=some-mode miimon=50
- alias eth0 tg3
- alias eth1 tg3
- alias eth2 e1000
- alias eth3 e1000
- If neither eth0 and eth1 are slaves to bond0, then when the
- bond0 interface comes up, the devices may end up reordered. This
- happens because bonding is loaded first, then its slave device's
- drivers are loaded next. Since no other drivers have been loaded,
- when the e1000 driver loads, it will receive eth0 and eth1 for its
- devices, but the bonding configuration tries to enslave eth2 and eth3
- (which may later be assigned to the tg3 devices).
- Adding the following:
- add above bonding e1000 tg3
- causes modprobe to load e1000 then tg3, in that order, when
- bonding is loaded. This command is fully documented in the
- modules.conf manual page.
- On systems utilizing modprobe an equivalent problem can occur.
- In this case, the following can be added to config files in
- /etc/modprobe.d/ as:
- softdep bonding pre: tg3 e1000
- This will load tg3 and e1000 modules before loading the bonding one.
- Full documentation on this can be found in the modprobe.d and modprobe
- manual pages.
- 8.3. Painfully Slow Or No Failed Link Detection By Miimon
- ---------------------------------------------------------
- By default, bonding enables the use_carrier option, which
- instructs bonding to trust the driver to maintain carrier state.
- As discussed in the options section, above, some drivers do
- not support the netif_carrier_on/_off link state tracking system.
- With use_carrier enabled, bonding will always see these links as up,
- regardless of their actual state.
- Additionally, other drivers do support netif_carrier, but do
- not maintain it in real time, e.g., only polling the link state at
- some fixed interval. In this case, miimon will detect failures, but
- only after some long period of time has expired. If it appears that
- miimon is very slow in detecting link failures, try specifying
- use_carrier=0 to see if that improves the failure detection time. If
- it does, then it may be that the driver checks the carrier state at a
- fixed interval, but does not cache the MII register values (so the
- use_carrier=0 method of querying the registers directly works). If
- use_carrier=0 does not improve the failover, then the driver may cache
- the registers, or the problem may be elsewhere.
- Also, remember that miimon only checks for the device's
- carrier state. It has no way to determine the state of devices on or
- beyond other ports of a switch, or if a switch is refusing to pass
- traffic while still maintaining carrier on.
- 9. SNMP agents
- ===============
- If running SNMP agents, the bonding driver should be loaded
- before any network drivers participating in a bond. This requirement
- is due to the interface index (ipAdEntIfIndex) being associated to
- the first interface found with a given IP address. That is, there is
- only one ipAdEntIfIndex for each IP address. For example, if eth0 and
- eth1 are slaves of bond0 and the driver for eth0 is loaded before the
- bonding driver, the interface for the IP address will be associated
- with the eth0 interface. This configuration is shown below, the IP
- address 192.168.1.1 has an interface index of 2 which indexes to eth0
- in the ifDescr table (ifDescr.2).
- interfaces.ifTable.ifEntry.ifDescr.1 = lo
- interfaces.ifTable.ifEntry.ifDescr.2 = eth0
- interfaces.ifTable.ifEntry.ifDescr.3 = eth1
- interfaces.ifTable.ifEntry.ifDescr.4 = eth2
- interfaces.ifTable.ifEntry.ifDescr.5 = eth3
- interfaces.ifTable.ifEntry.ifDescr.6 = bond0
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.10.10.10.10 = 5
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.1.1 = 2
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.10.74.20.94 = 4
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1
- This problem is avoided by loading the bonding driver before
- any network drivers participating in a bond. Below is an example of
- loading the bonding driver first, the IP address 192.168.1.1 is
- correctly associated with ifDescr.2.
- interfaces.ifTable.ifEntry.ifDescr.1 = lo
- interfaces.ifTable.ifEntry.ifDescr.2 = bond0
- interfaces.ifTable.ifEntry.ifDescr.3 = eth0
- interfaces.ifTable.ifEntry.ifDescr.4 = eth1
- interfaces.ifTable.ifEntry.ifDescr.5 = eth2
- interfaces.ifTable.ifEntry.ifDescr.6 = eth3
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.10.10.10.10 = 6
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.1.1 = 2
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.10.74.20.94 = 5
- ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1
- While some distributions may not report the interface name in
- ifDescr, the association between the IP address and IfIndex remains
- and SNMP functions such as Interface_Scan_Next will report that
- association.
- 10. Promiscuous mode
- ====================
- When running network monitoring tools, e.g., tcpdump, it is
- common to enable promiscuous mode on the device, so that all traffic
- is seen (instead of seeing only traffic destined for the local host).
- The bonding driver handles promiscuous mode changes to the bonding
- master device (e.g., bond0), and propagates the setting to the slave
- devices.
- For the balance-rr, balance-xor, broadcast, and 802.3ad modes,
- the promiscuous mode setting is propagated to all slaves.
- For the active-backup, balance-tlb and balance-alb modes, the
- promiscuous mode setting is propagated only to the active slave.
- For balance-tlb mode, the active slave is the slave currently
- receiving inbound traffic.
- For balance-alb mode, the active slave is the slave used as a
- "primary." This slave is used for mode-specific control traffic, for
- sending to peers that are unassigned or if the load is unbalanced.
- For the active-backup, balance-tlb and balance-alb modes, when
- the active slave changes (e.g., due to a link failure), the
- promiscuous setting will be propagated to the new active slave.
- 11. Configuring Bonding for High Availability
- =============================================
- High Availability refers to configurations that provide
- maximum network availability by having redundant or backup devices,
- links or switches between the host and the rest of the world. The
- goal is to provide the maximum availability of network connectivity
- (i.e., the network always works), even though other configurations
- could provide higher throughput.
- 11.1 High Availability in a Single Switch Topology
- --------------------------------------------------
- If two hosts (or a host and a single switch) are directly
- connected via multiple physical links, then there is no availability
- penalty to optimizing for maximum bandwidth. In this case, there is
- only one switch (or peer), so if it fails, there is no alternative
- access to fail over to. Additionally, the bonding load balance modes
- support link monitoring of their members, so if individual links fail,
- the load will be rebalanced across the remaining devices.
- See Section 12, "Configuring Bonding for Maximum Throughput"
- for information on configuring bonding with one peer device.
- 11.2 High Availability in a Multiple Switch Topology
- ----------------------------------------------------
- With multiple switches, the configuration of bonding and the
- network changes dramatically. In multiple switch topologies, there is
- a trade off between network availability and usable bandwidth.
- Below is a sample network, configured to maximize the
- availability of the network:
- | |
- |port3 port3|
- +-----+----+ +-----+----+
- | |port2 ISL port2| |
- | switch A +--------------------------+ switch B |
- | | | |
- +-----+----+ +-----++---+
- |port1 port1|
- | +-------+ |
- +-------------+ host1 +---------------+
- eth0 +-------+ eth1
- In this configuration, there is a link between the two
- switches (ISL, or inter switch link), and multiple ports connecting to
- the outside world ("port3" on each switch). There is no technical
- reason that this could not be extended to a third switch.
- 11.2.1 HA Bonding Mode Selection for Multiple Switch Topology
- -------------------------------------------------------------
- In a topology such as the example above, the active-backup and
- broadcast modes are the only useful bonding modes when optimizing for
- availability; the other modes require all links to terminate on the
- same peer for them to behave rationally.
- active-backup: This is generally the preferred mode, particularly if
- the switches have an ISL and play together well. If the
- network configuration is such that one switch is specifically
- a backup switch (e.g., has lower capacity, higher cost, etc),
- then the primary option can be used to insure that the
- preferred link is always used when it is available.
- broadcast: This mode is really a special purpose mode, and is suitable
- only for very specific needs. For example, if the two
- switches are not connected (no ISL), and the networks beyond
- them are totally independent. In this case, if it is
- necessary for some specific one-way traffic to reach both
- independent networks, then the broadcast mode may be suitable.
- 11.2.2 HA Link Monitoring Selection for Multiple Switch Topology
- ----------------------------------------------------------------
- The choice of link monitoring ultimately depends upon your
- switch. If the switch can reliably fail ports in response to other
- failures, then either the MII or ARP monitors should work. For
- example, in the above example, if the "port3" link fails at the remote
- end, the MII monitor has no direct means to detect this. The ARP
- monitor could be configured with a target at the remote end of port3,
- thus detecting that failure without switch support.
- In general, however, in a multiple switch topology, the ARP
- monitor can provide a higher level of reliability in detecting end to
- end connectivity failures (which may be caused by the failure of any
- individual component to pass traffic for any reason). Additionally,
- the ARP monitor should be configured with multiple targets (at least
- one for each switch in the network). This will insure that,
- regardless of which switch is active, the ARP monitor has a suitable
- target to query.
- Note, also, that of late many switches now support a functionality
- generally referred to as "trunk failover." This is a feature of the
- switch that causes the link state of a particular switch port to be set
- down (or up) when the state of another switch port goes down (or up).
- Its purpose is to propagate link failures from logically "exterior" ports
- to the logically "interior" ports that bonding is able to monitor via
- miimon. Availability and configuration for trunk failover varies by
- switch, but this can be a viable alternative to the ARP monitor when using
- suitable switches.
- 12. Configuring Bonding for Maximum Throughput
- ==============================================
- 12.1 Maximizing Throughput in a Single Switch Topology
- ------------------------------------------------------
- In a single switch configuration, the best method to maximize
- throughput depends upon the application and network environment. The
- various load balancing modes each have strengths and weaknesses in
- different environments, as detailed below.
- For this discussion, we will break down the topologies into
- two categories. Depending upon the destination of most traffic, we
- categorize them into either "gatewayed" or "local" configurations.
- In a gatewayed configuration, the "switch" is acting primarily
- as a router, and the majority of traffic passes through this router to
- other networks. An example would be the following:
- +----------+ +----------+
- | |eth0 port1| | to other networks
- | Host A +---------------------+ router +------------------->
- | +---------------------+ | Hosts B and C are out
- | |eth1 port2| | here somewhere
- +----------+ +----------+
- The router may be a dedicated router device, or another host
- acting as a gateway. For our discussion, the important point is that
- the majority of traffic from Host A will pass through the router to
- some other network before reaching its final destination.
- In a gatewayed network configuration, although Host A may
- communicate with many other systems, all of its traffic will be sent
- and received via one other peer on the local network, the router.
- Note that the case of two systems connected directly via
- multiple physical links is, for purposes of configuring bonding, the
- same as a gatewayed configuration. In that case, it happens that all
- traffic is destined for the "gateway" itself, not some other network
- beyond the gateway.
- In a local configuration, the "switch" is acting primarily as
- a switch, and the majority of traffic passes through this switch to
- reach other stations on the same network. An example would be the
- following:
- +----------+ +----------+ +--------+
- | |eth0 port1| +-------+ Host B |
- | Host A +------------+ switch |port3 +--------+
- | +------------+ | +--------+
- | |eth1 port2| +------------------+ Host C |
- +----------+ +----------+port4 +--------+
- Again, the switch may be a dedicated switch device, or another
- host acting as a gateway. For our discussion, the important point is
- that the majority of traffic from Host A is destined for other hosts
- on the same local network (Hosts B and C in the above example).
- In summary, in a gatewayed configuration, traffic to and from
- the bonded device will be to the same MAC level peer on the network
- (the gateway itself, i.e., the router), regardless of its final
- destination. In a local configuration, traffic flows directly to and
- from the final destinations, thus, each destination (Host B, Host C)
- will be addressed directly by their individual MAC addresses.
- This distinction between a gatewayed and a local network
- configuration is important because many of the load balancing modes
- available use the MAC addresses of the local network source and
- destination to make load balancing decisions. The behavior of each
- mode is described below.
- 12.1.1 MT Bonding Mode Selection for Single Switch Topology
- -----------------------------------------------------------
- This configuration is the easiest to set up and to understand,
- although you will have to decide which bonding mode best suits your
- needs. The trade offs for each mode are detailed below:
- balance-rr: This mode is the only mode that will permit a single
- TCP/IP connection to stripe traffic across multiple
- interfaces. It is therefore the only mode that will allow a
- single TCP/IP stream to utilize more than one interface's
- worth of throughput. This comes at a cost, however: the
- striping generally results in peer systems receiving packets out
- of order, causing TCP/IP's congestion control system to kick
- in, often by retransmitting segments.
- It is possible to adjust TCP/IP's congestion limits by
- altering the net.ipv4.tcp_reordering sysctl parameter. The
- usual default value is 3. But keep in mind TCP stack is able
- to automatically increase this when it detects reorders.
- Note that the fraction of packets that will be delivered out of
- order is highly variable, and is unlikely to be zero. The level
- of reordering depends upon a variety of factors, including the
- networking interfaces, the switch, and the topology of the
- configuration. Speaking in general terms, higher speed network
- cards produce more reordering (due to factors such as packet
- coalescing), and a "many to many" topology will reorder at a
- higher rate than a "many slow to one fast" configuration.
- Many switches do not support any modes that stripe traffic
- (instead choosing a port based upon IP or MAC level addresses);
- for those devices, traffic for a particular connection flowing
- through the switch to a balance-rr bond will not utilize greater
- than one interface's worth of bandwidth.
- If you are utilizing protocols other than TCP/IP, UDP for
- example, and your application can tolerate out of order
- delivery, then this mode can allow for single stream datagram
- performance that scales near linearly as interfaces are added
- to the bond.
- This mode requires the switch to have the appropriate ports
- configured for "etherchannel" or "trunking."
- active-backup: There is not much advantage in this network topology to
- the active-backup mode, as the inactive backup devices are all
- connected to the same peer as the primary. In this case, a
- load balancing mode (with link monitoring) will provide the
- same level of network availability, but with increased
- available bandwidth. On the plus side, active-backup mode
- does not require any configuration of the switch, so it may
- have value if the hardware available does not support any of
- the load balance modes.
- balance-xor: This mode will limit traffic such that packets destined
- for specific peers will always be sent over the same
- interface. Since the destination is determined by the MAC
- addresses involved, this mode works best in a "local" network
- configuration (as described above), with destinations all on
- the same local network. This mode is likely to be suboptimal
- if all your traffic is passed through a single router (i.e., a
- "gatewayed" network configuration, as described above).
- As with balance-rr, the switch ports need to be configured for
- "etherchannel" or "trunking."
- broadcast: Like active-backup, there is not much advantage to this
- mode in this type of network topology.
- 802.3ad: This mode can be a good choice for this type of network
- topology. The 802.3ad mode is an IEEE standard, so all peers
- that implement 802.3ad should interoperate well. The 802.3ad
- protocol includes automatic configuration of the aggregates,
- so minimal manual configuration of the switch is needed
- (typically only to designate that some set of devices is
- available for 802.3ad). The 802.3ad standard also mandates
- that frames be delivered in order (within certain limits), so
- in general single connections will not see misordering of
- packets. The 802.3ad mode does have some drawbacks: the
- standard mandates that all devices in the aggregate operate at
- the same speed and duplex. Also, as with all bonding load
- balance modes other than balance-rr, no single connection will
- be able to utilize more than a single interface's worth of
- bandwidth.
- Additionally, the linux bonding 802.3ad implementation
- distributes traffic by peer (using an XOR of MAC addresses
- and packet type ID), so in a "gatewayed" configuration, all
- outgoing traffic will generally use the same device. Incoming
- traffic may also end up on a single device, but that is
- dependent upon the balancing policy of the peer's 8023.ad
- implementation. In a "local" configuration, traffic will be
- distributed across the devices in the bond.
- Finally, the 802.3ad mode mandates the use of the MII monitor,
- therefore, the ARP monitor is not available in this mode.
- balance-tlb: The balance-tlb mode balances outgoing traffic by peer.
- Since the balancing is done according to MAC address, in a
- "gatewayed" configuration (as described above), this mode will
- send all traffic across a single device. However, in a
- "local" network configuration, this mode balances multiple
- local network peers across devices in a vaguely intelligent
- manner (not a simple XOR as in balance-xor or 802.3ad mode),
- so that mathematically unlucky MAC addresses (i.e., ones that
- XOR to the same value) will not all "bunch up" on a single
- interface.
- Unlike 802.3ad, interfaces may be of differing speeds, and no
- special switch configuration is required. On the down side,
- in this mode all incoming traffic arrives over a single
- interface, this mode requires certain ethtool support in the
- network device driver of the slave interfaces, and the ARP
- monitor is not available.
- balance-alb: This mode is everything that balance-tlb is, and more.
- It has all of the features (and restrictions) of balance-tlb,
- and will also balance incoming traffic from local network
- peers (as described in the Bonding Module Options section,
- above).
- The only additional down side to this mode is that the network
- device driver must support changing the hardware address while
- the device is open.
- 12.1.2 MT Link Monitoring for Single Switch Topology
- ----------------------------------------------------
- The choice of link monitoring may largely depend upon which
- mode you choose to use. The more advanced load balancing modes do not
- support the use of the ARP monitor, and are thus restricted to using
- the MII monitor (which does not provide as high a level of end to end
- assurance as the ARP monitor).
- 12.2 Maximum Throughput in a Multiple Switch Topology
- -----------------------------------------------------
- Multiple switches may be utilized to optimize for throughput
- when they are configured in parallel as part of an isolated network
- between two or more systems, for example:
- +-----------+
- | Host A |
- +-+---+---+-+
- | | |
- +--------+ | +---------+
- | | |
- +------+---+ +-----+----+ +-----+----+
- | Switch A | | Switch B | | Switch C |
- +------+---+ +-----+----+ +-----+----+
- | | |
- +--------+ | +---------+
- | | |
- +-+---+---+-+
- | Host B |
- +-----------+
- In this configuration, the switches are isolated from one
- another. One reason to employ a topology such as this is for an
- isolated network with many hosts (a cluster configured for high
- performance, for example), using multiple smaller switches can be more
- cost effective than a single larger switch, e.g., on a network with 24
- hosts, three 24 port switches can be significantly less expensive than
- a single 72 port switch.
- If access beyond the network is required, an individual host
- can be equipped with an additional network device connected to an
- external network; this host then additionally acts as a gateway.
- 12.2.1 MT Bonding Mode Selection for Multiple Switch Topology
- -------------------------------------------------------------
- In actual practice, the bonding mode typically employed in
- configurations of this type is balance-rr. Historically, in this
- network configuration, the usual caveats about out of order packet
- delivery are mitigated by the use of network adapters that do not do
- any kind of packet coalescing (via the use of NAPI, or because the
- device itself does not generate interrupts until some number of
- packets has arrived). When employed in this fashion, the balance-rr
- mode allows individual connections between two hosts to effectively
- utilize greater than one interface's bandwidth.
- 12.2.2 MT Link Monitoring for Multiple Switch Topology
- ------------------------------------------------------
- Again, in actual practice, the MII monitor is most often used
- in this configuration, as performance is given preference over
- availability. The ARP monitor will function in this topology, but its
- advantages over the MII monitor are mitigated by the volume of probes
- needed as the number of systems involved grows (remember that each
- host in the network is configured with bonding).
- 13. Switch Behavior Issues
- ==========================
- 13.1 Link Establishment and Failover Delays
- -------------------------------------------
- Some switches exhibit undesirable behavior with regard to the
- timing of link up and down reporting by the switch.
- First, when a link comes up, some switches may indicate that
- the link is up (carrier available), but not pass traffic over the
- interface for some period of time. This delay is typically due to
- some type of autonegotiation or routing protocol, but may also occur
- during switch initialization (e.g., during recovery after a switch
- failure). If you find this to be a problem, specify an appropriate
- value to the updelay bonding module option to delay the use of the
- relevant interface(s).
- Second, some switches may "bounce" the link state one or more
- times while a link is changing state. This occurs most commonly while
- the switch is initializing. Again, an appropriate updelay value may
- help.
- Note that when a bonding interface has no active links, the
- driver will immediately reuse the first link that goes up, even if the
- updelay parameter has been specified (the updelay is ignored in this
- case). If there are slave interfaces waiting for the updelay timeout
- to expire, the interface that first went into that state will be
- immediately reused. This reduces down time of the network if the
- value of updelay has been overestimated, and since this occurs only in
- cases with no connectivity, there is no additional penalty for
- ignoring the updelay.
- In addition to the concerns about switch timings, if your
- switches take a long time to go into backup mode, it may be desirable
- to not activate a backup interface immediately after a link goes down.
- Failover may be delayed via the downdelay bonding module option.
- 13.2 Duplicated Incoming Packets
- --------------------------------
- NOTE: Starting with version 3.0.2, the bonding driver has logic to
- suppress duplicate packets, which should largely eliminate this problem.
- The following description is kept for reference.
- It is not uncommon to observe a short burst of duplicated
- traffic when the bonding device is first used, or after it has been
- idle for some period of time. This is most easily observed by issuing
- a "ping" to some other host on the network, and noticing that the
- output from ping flags duplicates (typically one per slave).
- For example, on a bond in active-backup mode with five slaves
- all connected to one switch, the output may appear as follows:
- # ping -n 10.0.4.2
- PING 10.0.4.2 (10.0.4.2) from 10.0.3.10 : 56(84) bytes of data.
- 64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=13.7 ms
- 64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=13.8 ms (DUP!)
- 64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=13.8 ms (DUP!)
- 64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=13.8 ms (DUP!)
- 64 bytes from 10.0.4.2: icmp_seq=1 ttl=64 time=13.8 ms (DUP!)
- 64 bytes from 10.0.4.2: icmp_seq=2 ttl=64 time=0.216 ms
- 64 bytes from 10.0.4.2: icmp_seq=3 ttl=64 time=0.267 ms
- 64 bytes from 10.0.4.2: icmp_seq=4 ttl=64 time=0.222 ms
- This is not due to an error in the bonding driver, rather, it
- is a side effect of how many switches update their MAC forwarding
- tables. Initially, the switch does not associate the MAC address in
- the packet with a particular switch port, and so it may send the
- traffic to all ports until its MAC forwarding table is updated. Since
- the interfaces attached to the bond may occupy multiple ports on a
- single switch, when the switch (temporarily) floods the traffic to all
- ports, the bond device receives multiple copies of the same packet
- (one per slave device).
- The duplicated packet behavior is switch dependent, some
- switches exhibit this, and some do not. On switches that display this
- behavior, it can be induced by clearing the MAC forwarding table (on
- most Cisco switches, the privileged command "clear mac address-table
- dynamic" will accomplish this).
- 14. Hardware Specific Considerations
- ====================================
- This section contains additional information for configuring
- bonding on specific hardware platforms, or for interfacing bonding
- with particular switches or other devices.
- 14.1 IBM BladeCenter
- --------------------
- This applies to the JS20 and similar systems.
- On the JS20 blades, the bonding driver supports only
- balance-rr, active-backup, balance-tlb and balance-alb modes. This is
- largely due to the network topology inside the BladeCenter, detailed
- below.
- JS20 network adapter information
- --------------------------------
- All JS20s come with two Broadcom Gigabit Ethernet ports
- integrated on the planar (that's "motherboard" in IBM-speak). In the
- BladeCenter chassis, the eth0 port of all JS20 blades is hard wired to
- I/O Module #1; similarly, all eth1 ports are wired to I/O Module #2.
- An add-on Broadcom daughter card can be installed on a JS20 to provide
- two more Gigabit Ethernet ports. These ports, eth2 and eth3, are
- wired to I/O Modules 3 and 4, respectively.
- Each I/O Module may contain either a switch or a passthrough
- module (which allows ports to be directly connected to an external
- switch). Some bonding modes require a specific BladeCenter internal
- network topology in order to function; these are detailed below.
- Additional BladeCenter-specific networking information can be
- found in two IBM Redbooks (www.ibm.com/redbooks):
- "IBM eServer BladeCenter Networking Options"
- "IBM eServer BladeCenter Layer 2-7 Network Switching"
- BladeCenter networking configuration
- ------------------------------------
- Because a BladeCenter can be configured in a very large number
- of ways, this discussion will be confined to describing basic
- configurations.
- Normally, Ethernet Switch Modules (ESMs) are used in I/O
- modules 1 and 2. In this configuration, the eth0 and eth1 ports of a
- JS20 will be connected to different internal switches (in the
- respective I/O modules).
- A passthrough module (OPM or CPM, optical or copper,
- passthrough module) connects the I/O module directly to an external
- switch. By using PMs in I/O module #1 and #2, the eth0 and eth1
- interfaces of a JS20 can be redirected to the outside world and
- connected to a common external switch.
- Depending upon the mix of ESMs and PMs, the network will
- appear to bonding as either a single switch topology (all PMs) or as a
- multiple switch topology (one or more ESMs, zero or more PMs). It is
- also possible to connect ESMs together, resulting in a configuration
- much like the example in "High Availability in a Multiple Switch
- Topology," above.
- Requirements for specific modes
- -------------------------------
- The balance-rr mode requires the use of passthrough modules
- for devices in the bond, all connected to an common external switch.
- That switch must be configured for "etherchannel" or "trunking" on the
- appropriate ports, as is usual for balance-rr.
- The balance-alb and balance-tlb modes will function with
- either switch modules or passthrough modules (or a mix). The only
- specific requirement for these modes is that all network interfaces
- must be able to reach all destinations for traffic sent over the
- bonding device (i.e., the network must converge at some point outside
- the BladeCenter).
- The active-backup mode has no additional requirements.
- Link monitoring issues
- ----------------------
- When an Ethernet Switch Module is in place, only the ARP
- monitor will reliably detect link loss to an external switch. This is
- nothing unusual, but examination of the BladeCenter cabinet would
- suggest that the "external" network ports are the ethernet ports for
- the system, when it fact there is a switch between these "external"
- ports and the devices on the JS20 system itself. The MII monitor is
- only able to detect link failures between the ESM and the JS20 system.
- When a passthrough module is in place, the MII monitor does
- detect failures to the "external" port, which is then directly
- connected to the JS20 system.
- Other concerns
- --------------
- The Serial Over LAN (SoL) link is established over the primary
- ethernet (eth0) only, therefore, any loss of link to eth0 will result
- in losing your SoL connection. It will not fail over with other
- network traffic, as the SoL system is beyond the control of the
- bonding driver.
- It may be desirable to disable spanning tree on the switch
- (either the internal Ethernet Switch Module, or an external switch) to
- avoid fail-over delay issues when using bonding.
-
- 15. Frequently Asked Questions
- ==============================
- 1. Is it SMP safe?
- Yes. The old 2.0.xx channel bonding patch was not SMP safe.
- The new driver was designed to be SMP safe from the start.
- 2. What type of cards will work with it?
- Any Ethernet type cards (you can even mix cards - a Intel
- EtherExpress PRO/100 and a 3com 3c905b, for example). For most modes,
- devices need not be of the same speed.
- Starting with version 3.2.1, bonding also supports Infiniband
- slaves in active-backup mode.
- 3. How many bonding devices can I have?
- There is no limit.
- 4. How many slaves can a bonding device have?
- This is limited only by the number of network interfaces Linux
- supports and/or the number of network cards you can place in your
- system.
- 5. What happens when a slave link dies?
- If link monitoring is enabled, then the failing device will be
- disabled. The active-backup mode will fail over to a backup link, and
- other modes will ignore the failed link. The link will continue to be
- monitored, and should it recover, it will rejoin the bond (in whatever
- manner is appropriate for the mode). See the sections on High
- Availability and the documentation for each mode for additional
- information.
-
- Link monitoring can be enabled via either the miimon or
- arp_interval parameters (described in the module parameters section,
- above). In general, miimon monitors the carrier state as sensed by
- the underlying network device, and the arp monitor (arp_interval)
- monitors connectivity to another host on the local network.
- If no link monitoring is configured, the bonding driver will
- be unable to detect link failures, and will assume that all links are
- always available. This will likely result in lost packets, and a
- resulting degradation of performance. The precise performance loss
- depends upon the bonding mode and network configuration.
- 6. Can bonding be used for High Availability?
- Yes. See the section on High Availability for details.
- 7. Which switches/systems does it work with?
- The full answer to this depends upon the desired mode.
- In the basic balance modes (balance-rr and balance-xor), it
- works with any system that supports etherchannel (also called
- trunking). Most managed switches currently available have such
- support, and many unmanaged switches as well.
- The advanced balance modes (balance-tlb and balance-alb) do
- not have special switch requirements, but do need device drivers that
- support specific features (described in the appropriate section under
- module parameters, above).
- In 802.3ad mode, it works with systems that support IEEE
- 802.3ad Dynamic Link Aggregation. Most managed and many unmanaged
- switches currently available support 802.3ad.
- The active-backup mode should work with any Layer-II switch.
- 8. Where does a bonding device get its MAC address from?
- When using slave devices that have fixed MAC addresses, or when
- the fail_over_mac option is enabled, the bonding device's MAC address is
- the MAC address of the active slave.
- For other configurations, if not explicitly configured (with
- ifconfig or ip link), the MAC address of the bonding device is taken from
- its first slave device. This MAC address is then passed to all following
- slaves and remains persistent (even if the first slave is removed) until
- the bonding device is brought down or reconfigured.
- If you wish to change the MAC address, you can set it with
- ifconfig or ip link:
- # ifconfig bond0 hw ether 00:11:22:33:44:55
- # ip link set bond0 address 66:77:88:99:aa:bb
- The MAC address can be also changed by bringing down/up the
- device and then changing its slaves (or their order):
- # ifconfig bond0 down ; modprobe -r bonding
- # ifconfig bond0 .... up
- # ifenslave bond0 eth...
- This method will automatically take the address from the next
- slave that is added.
- To restore your slaves' MAC addresses, you need to detach them
- from the bond (`ifenslave -d bond0 eth0'). The bonding driver will
- then restore the MAC addresses that the slaves had before they were
- enslaved.
- 16. Resources and Links
- =======================
- The latest version of the bonding driver can be found in the latest
- version of the linux kernel, found on http://kernel.org
- The latest version of this document can be found in the latest kernel
- source (named Documentation/networking/bonding.txt).
- Discussions regarding the usage of the bonding driver take place on the
- bonding-devel mailing list, hosted at sourceforge.net. If you have questions or
- problems, post them to the list. The list address is:
- [email protected]
- The administrative interface (to subscribe or unsubscribe) can
- be found at:
- https://lists.sourceforge.net/lists/listinfo/bonding-devel
- Discussions regarding the development of the bonding driver take place
- on the main Linux network mailing list, hosted at vger.kernel.org. The list
- address is:
- [email protected]
- The administrative interface (to subscribe or unsubscribe) can
- be found at:
- http://vger.kernel.org/vger-lists.html#netdev
- Donald Becker's Ethernet Drivers and diag programs may be found at :
- - http://web.archive.org/web/*/http://www.scyld.com/network/
- You will also find a lot of information regarding Ethernet, NWay, MII,
- etc. at www.scyld.com.
- -- END --
|