lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Mon, 27 May 2013 01:58:58 +0200
From:	Krisztian Ivancso <github-ivan@...ncso.net>
To:	netdev@...r.kernel.org
CC:	Andy Gospodarek <andy@...yhouse.net>
Subject: bonding lacp port id parameter

Hi All,

I would like to introduce a new feature to bonding driver.
It makes possible to attach more Linux boxes (as member) to a dynamic 
LAG port (802.1ax or 802.3ad) on a switch.

The patch adds port id setting feature by lacp_port_id module parameter 
and it's possible to set it by sysfs.

Adding more linux boxes to a LAG makes possible to do load-balancing by 
using port channel load balancing of switch (eg. by source-dest-ip or 
src-ip).

It's essential to set the same MAC address to bonding interface and to 
set different port ids on different Linux boxes for a working solution.

Possible use cases:
1. Redundant DNS servers with same IP address
2. Reverse proxies with same IP address
3. "multi-master" LVS

Beside redundancy it provides scalability, scalability depends on 
hardware capability.
(E.g. a LAG port with 4 members - linux LVS servers - using a Cisco 
switch/router splits traffic to ports equally by src IP (2-2-2-2). If a 
link fails, switch forwards traffic to 3 switch ports (3-3-3). It means 
you can utilize overall bandwith as much as 66% with full redundancy. 
It's better with 16% than using 2 master-slave LVS and you use just 1 IP 
and can handle 100% more peak traffic.)

Using this feature with vPC (virtual portchannel) or similar solution it 
provides a physically redundant service from network devices to servers. 
(Nowadays it's available in cheaper network devices - e.g. distributed 
link aggregation in HP switches.)

-- 
Best regards,
Krisztian IVANCSO
github-ivan@...ncso.net
https://www.ivancso.net

View attachment "bonding_lacp_port_id.patch" of type "text/x-patch" (5383 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ