documentation:examples:aggregating_multiple_isp_links_with_mlvpn
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
documentation:examples:aggregating_multiple_isp_links_with_mlvpn [2020/02/21 21:37] – [Virtual Lab setp] olivier | documentation:examples:aggregating_multiple_isp_links_with_mlvpn [2020/02/21 21:42] – [Router 1 : MLVPN client] olivier | ||
---|---|---|---|
Line 79: | Line 79: | ||
=== Router 2 === | === Router 2 === | ||
- | Router 2 is configured for rate-limiting traffic at 10 Mb/s on interface to/ | + | Router 2 is configured for rate-limiting traffic at 10 Mb/s on interface to/ |
< | < | ||
- | sysrc hostname=R2 | + | sysrc hostname=VM2 \ |
- | sysrc ifconfig_vtnet0=" | + | ifconfig_vtnet0=" |
- | sysrc ifconfig_vtnet2=" | + | |
- | sysrc static_routes="R5" | + | |
- | sysrc route_R5=" | + | firewall_enable=YES |
- | sysrc firewall_enable=YES | + | firewall_script="/ |
- | sysrc firewall_script="/ | + | cat > / |
- | + | ||
- | cat > / | + | |
#!/bin/sh | #!/bin/sh | ||
fwcmd="/ | fwcmd="/ | ||
kldstat -q -m dummynet || kldload dummynet | kldstat -q -m dummynet || kldload dummynet | ||
# Flush out the list before we begin. | # Flush out the list before we begin. | ||
- | ${fwcmd} -f flush | + | \${fwcmd} -f flush |
- | #Create pipes (one for each direction) | + | \${fwcmd} pipe 10 config bw 10Mbit/s |
- | ${fwcmd} pipe 10 config bw 10Mbit/s | + | \${fwcmd} pipe 20 config bw 10Mbit/s |
- | ${fwcmd} pipe 20 config bw 10Mbit/s | + | |
#Traffic getting out vtnet0 is limited to 10Mbit/s | #Traffic getting out vtnet0 is limited to 10Mbit/s | ||
- | ${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 | + | \${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 |
#Traffic getting int vtnet0 is limited to 10Mbit/s | #Traffic getting int vtnet0 is limited to 10Mbit/s | ||
- | ${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 | + | \${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 |
#We don't want to block traffic, only shape some | #We don't want to block traffic, only shape some | ||
- | ${fwcmd} add 3000 allow ip from any to any | + | \${fwcmd} add 3000 allow ip from any to any |
- | 'EOF' | + | EOF |
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
service ipfw start | service ipfw start | ||
+ | hostname VM2 | ||
config save | config save | ||
</ | </ | ||
Line 115: | Line 113: | ||
=== Router 3 === | === Router 3 === | ||
- | Router 3 is configured for rate-limiting traffic at 10 Mb/s on interface to/ | + | Router 3 is configured for rate-limiting traffic at 10 Mb/s on interface to/ |
< | < | ||
- | sysrc hostname=R3 | + | sysrc hostname=VM3 \ |
- | sysrc ifconfig_vtnet0=" | + | ifconfig_vtnet0=" |
- | sysrc ifconfig_vtnet2=" | + | |
- | sysrc static_routes="R5" | + | |
- | sysrc route_R5=" | + | firewall_enable=YES |
- | sysrc firewall_enable=YES | + | firewall_script="/ |
- | sysrc firewall_script="/ | + | |
- | cat > / | + | cat > / |
#!/bin/sh | #!/bin/sh | ||
fwcmd="/ | fwcmd="/ | ||
kldstat -q -m dummynet || kldload dummynet | kldstat -q -m dummynet || kldload dummynet | ||
# Flush out the list before we begin. | # Flush out the list before we begin. | ||
- | ${fwcmd} -f flush | + | \${fwcmd} -f flush |
- | #Create pipes (one for each direction) | + | \${fwcmd} pipe 10 config bw 10Mbit/s |
- | ${fwcmd} pipe 10 config bw 10Mbit/s | + | \${fwcmd} pipe 20 config bw 10Mbit/s |
- | ${fwcmd} pipe 20 config bw 10Mbit/s | + | |
#Traffic getting out vtnet0 is limited to 10Mbit/s | #Traffic getting out vtnet0 is limited to 10Mbit/s | ||
- | ${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 | + | \${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 |
#Traffic getting int vtnet0 is limited to 10Mbit/s | #Traffic getting int vtnet0 is limited to 10Mbit/s | ||
- | ${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 | + | \${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 |
#We don't want to block traffic, only shape some | #We don't want to block traffic, only shape some | ||
- | ${fwcmd} add 3000 allow ip from any to any | + | \${fwcmd} add 3000 allow ip from any to any |
- | 'EOF' | + | EOF |
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
service ipfw start | service ipfw start | ||
+ | hostname VM3 | ||
config save | config save | ||
</ | </ | ||
Line 151: | Line 148: | ||
=== Router 4 === | === Router 4 === | ||
- | Router 4 is the aggregating server' | + | Router 4 is configured for rate-limiting traffic at 10 Mb/s on interface to/from VM1. |
< | < | ||
- | sysrc hostname=R4 | + | sysrc hostname=VM4 \ |
- | sysrc ifconfig_vtnet1=" | + | |
- | sysrc ifconfig_vtnet2=" | + | |
- | sysrc ifconfig_vtnet3=" | + | |
- | sysrc static_routes="R2 R3" | + | |
- | sysrc route_R2="-net 10.0.12.0/24 10.0.24.2" | + | |
- | sysrc route_R3="-net 10.0.13.0/24 10.0.34.3" | + | |
+ | cat > / | ||
+ | #!/bin/sh | ||
+ | fwcmd="/ | ||
+ | kldstat | ||
+ | # Flush out the list before we begin. | ||
+ | \${fwcmd} -f flush | ||
+ | \${fwcmd} pipe 10 config bw 10Mbit/s | ||
+ | \${fwcmd} pipe 20 config bw 10Mbit/s | ||
+ | #Traffic getting out vtnet0 is limited to 10Mbit/s | ||
+ | \${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 | ||
+ | #Traffic getting int vten0 is limited to 10Mbit/s | ||
+ | \${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 | ||
+ | #We don't want to block traffic, only shape some | ||
+ | \${fwcmd} add 3000 allow ip from any to any | ||
+ | EOF | ||
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
+ | service ipfw start | ||
+ | hostname VM4 | ||
+ | config save | ||
+ | </ | ||
+ | |||
+ | === Router 5 === | ||
+ | |||
+ | Router 5 is the aggregating server' | ||
+ | |||
+ | < | ||
+ | sysrc hostname=R5 \ | ||
+ | ifconfig_vtnet1=" | ||
+ | ifconfig_vtnet2=" | ||
+ | ifconfig_vtnet3=" | ||
+ | ifconfig_vtnet4=" | ||
+ | static_routes=" | ||
+ | route_ISP1=" | ||
+ | route_ISP2=" | ||
+ | route_ISP3=" | ||
+ | service netif restart | ||
+ | service routing restart | ||
+ | hostname VM5 | ||
config save | config save | ||
</ | </ | ||
Line 168: | Line 203: | ||
Router 1 is configured as a MLVPN client router connected to 3 different Internet links. | Router 1 is configured as a MLVPN client router connected to 3 different Internet links. | ||
- | The big difference with MLPPP: We can't use 3 differents IP addresses on our server, then can't simply install 3 differents static routes. We need a 3 default routes, then a minimum of 4 differents routing table. | ||
- | < | + | We need a default |
- | sysrc hostname=R1 | + | |
- | sysrc cloned_interfaces=" | + | |
- | sysrc ifconfig_lo1=" | + | |
- | sysrc ifconfig_vtnet0=" | + | |
- | sysrc ifconfig_vtnet1=" | + | |
- | sysrc static_routes=" | + | |
- | sysrc route_ISP1=" | + | |
- | sysrc route_ISP2=" | + | |
- | sysrc mlvpn_enable=YES | + | |
+ | < | ||
+ | sysrc hostname=VM1 \ | ||
+ | cloned_interfaces=" | ||
+ | ifconfig_lo1=" | ||
+ | ifconfig_vtnet0=" | ||
+ | ifconfig_vtnet1=" | ||
+ | ifconfig_vtnet2=" | ||
+ | static_routes=" | ||
+ | route_ISP1=" | ||
+ | route_ISP2=" | ||
+ | route_ISP3=" | ||
cat <<EOF > / | cat <<EOF > / | ||
[general] | [general] | ||
Line 187: | Line 223: | ||
mtu = 1452 | mtu = 1452 | ||
tuntap = " | tuntap = " | ||
- | ip4 = "10.0.15.1/ | + | ip4 = "10.0.16.1/ |
- | ip4_gateway = "10.0.15.5" | + | ip4_gateway = "10.0.16.2" |
- | ip4_routes = "10.5.5.5/32" | + | ip4_routes = "10.6.6.6/32" |
timeout = 30 | timeout = 30 | ||
password = " | password = " | ||
Line 199: | Line 235: | ||
bindport = 5082 | bindport = 5082 | ||
bindfib = 2 | bindfib = 2 | ||
- | remotehost = "10.0.45.5" | + | remotehost = "10.0.56.6" |
remoteport = 5082 | remoteport = 5082 | ||
- | |||
[dsl3] | [dsl3] | ||
bindhost = " | bindhost = " | ||
bindport = 5083 | bindport = 5083 | ||
bindfib = 3 | bindfib = 3 | ||
- | remotehost = "10.0.45.5" | + | remotehost = "10.0.56.6" |
remoteport = 5083 | remoteport = 5083 | ||
+ | |||
+ | [dsl4] | ||
+ | bindhost = " | ||
+ | bindport = 5084 | ||
+ | bindfib = 4 | ||
+ | remotehost = " | ||
+ | remoteport = 5084 | ||
EOF | EOF | ||
+ | service mlvpn enable | ||
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
service mlvpn start | service mlvpn start | ||
+ | hostname VM1 | ||
config save | config save | ||
</ | </ | ||
- | ==== Router | + | ==== Router |
- | Router | + | Router |
< | < | ||
- | sysrc hostname=R5 | + | sysrc hostname=VM6 \ |
- | sysrc cloned_interfaces=" | + | cloned_interfaces=" |
- | sysrc ifconfig_lo1=" | + | ifconfig_lo1=" |
- | sysrc ifconfig_vtnet3=" | + | |
- | sysrc defaultrouter=10.0.45.4 | + | defaultrouter="10.0.56.5" |
- | sysrc mlvpn_enable=YES | + | cat > / |
- | + | ||
- | cat <<' | + | |
[general] | [general] | ||
statuscommand = "/ | statuscommand = "/ | ||
tuntap = " | tuntap = " | ||
mode = " | mode = " | ||
- | ip4 = "10.0.15.5/30" | + | ip4 = "10.0.16.2/30" |
- | ip4_gateway = "10.0.15.1" | + | ip4_gateway = "10.0.16.1" |
ip4_routes = " | ip4_routes = " | ||
timeout = 30 | timeout = 30 | ||
Line 243: | Line 284: | ||
[adsl2] | [adsl2] | ||
- | bindhost = "10.0.45.5" | + | bindhost = "10.0.56.6" |
bindport = 5082 | bindport = 5082 | ||
[adsl3] | [adsl3] | ||
- | bindhost = "10.0.45.5" | + | bindhost = "10.0.56.6" |
bindport = 5083 | bindport = 5083 | ||
- | ' | ||
+ | [adsl4] | ||
+ | bindhost = " | ||
+ | bindport = 5084 | ||
+ | |||
+ | EOF | ||
+ | |||
+ | service mlvpn enable | ||
service netif restart | service netif restart | ||
service routing restart | service routing restart | ||
service mlvpn start | service mlvpn start | ||
+ | hostname VM6 | ||
config save | config save | ||
</ | </ |
documentation/examples/aggregating_multiple_isp_links_with_mlvpn.txt · Last modified: 2020/02/21 21:42 by olivier