User Tools

Site Tools


documentation:examples:aggregating_multiple_isp_links_with_mlvpn

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
documentation:examples:aggregating_multiple_isp_links_with_mlvpn [2020/02/21 21:37]
olivier [Virtual Lab setp]
documentation:examples:aggregating_multiple_isp_links_with_mlvpn [2020/02/21 21:42] (current)
olivier [Aggregated bandwidth]
Line 79: Line 79:
 === Router 2 === === Router 2 ===
  
-Router 2 is configured for rate-limiting traffic at 10 Mb/s on interface to/from R1.+Router 2 is configured for rate-limiting traffic at 10 Mb/s on interface to/from VM1.
  
 <code> <code>
-sysrc hostname=R2 +sysrc hostname=VM2 \ 
-sysrc ifconfig_vtnet0="10.0.12.2/24" +        ifconfig_vtnet0="inet 10.0.12.2/24" \ 
-sysrc ifconfig_vtnet2="10.0.24.2/24" +        ifconfig_vtnet3="inet 10.0.25.2/24" \ 
-sysrc static_routes="R5" +        defaultrouter="10.0.25.5\ 
-sysrc route_R5="-net 10.0.45.0/24 10.0.24.4+        firewall_enable=YES \ 
-sysrc firewall_enable=YES +        firewall_script="/etc/ipfw.rules" 
-sysrc firewall_script="/etc/ipfw.rules" +cat > /etc/ipfw.rules <<EOF
- +
-cat > /etc/ipfw.rules <<'EOF'+
 #!/bin/sh #!/bin/sh
 fwcmd="/sbin/ipfw" fwcmd="/sbin/ipfw"
 kldstat -q -m dummynet || kldload dummynet kldstat -q -m dummynet || kldload dummynet
 # Flush out the list before we begin. # Flush out the list before we begin.
-${fwcmd} -f flush +\${fwcmd} -f flush 
-#Create pipes (one for each direction) +\${fwcmd} pipe 10 config bw 10Mbit/s 
-${fwcmd} pipe 10 config bw 10Mbit/s +\${fwcmd} pipe 20 config bw 10Mbit/s
-${fwcmd} pipe 20 config bw 10Mbit/s+
 #Traffic getting out vtnet0 is limited to 10Mbit/s #Traffic getting out vtnet0 is limited to 10Mbit/s
-${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0+\${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0
 #Traffic getting int vtnet0 is limited to 10Mbit/s #Traffic getting int vtnet0 is limited to 10Mbit/s
-${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0+\${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0
 #We don't want to block traffic, only shape some #We don't want to block traffic, only shape some
-${fwcmd} add 3000 allow ip from any to any +\${fwcmd} add 3000 allow ip from any to any 
-'EOF'+EOF
  
 service netif restart service netif restart
 service routing restart service routing restart
 service ipfw start service ipfw start
 +hostname VM2
 config save config save
 </code> </code>
Line 115: Line 113:
 === Router 3 === === Router 3 ===
  
-Router 3 is configured for rate-limiting traffic at 10 Mb/s on interface to/from R1.+Router 3 is configured for rate-limiting traffic at 10 Mb/s on interface to/from VM1.
  
 <code> <code>
-sysrc hostname=R3 +sysrc hostname=VM3 \ 
-sysrc ifconfig_vtnet0="10.0.13.3/24" +        ifconfig_vtnet0="inet 10.0.13.3/24" \ 
-sysrc ifconfig_vtnet2="10.0.34.3/24" +        ifconfig_vtnet3="inet 10.0.35.3/24" \ 
-sysrc static_routes="R5" +        defaultrouter="10.0.35.5\ 
-sysrc route_R5="-net 10.0.45.0/24 10.0.34.4+        firewall_enable=YES \ 
-sysrc firewall_enable=YES +        firewall_script="/etc/ipfw.rules"
-sysrc firewall_script="/etc/ipfw.rules"+
  
-cat > /etc/ipfw.rules <<'EOF'+cat > /etc/ipfw.rules <<EOF
 #!/bin/sh #!/bin/sh
 fwcmd="/sbin/ipfw" fwcmd="/sbin/ipfw"
 kldstat -q -m dummynet || kldload dummynet kldstat -q -m dummynet || kldload dummynet
 # Flush out the list before we begin. # Flush out the list before we begin.
-${fwcmd} -f flush +\${fwcmd} -f flush 
-#Create pipes (one for each direction) +\${fwcmd} pipe 10 config bw 10Mbit/s 
-${fwcmd} pipe 10 config bw 10Mbit/s +\${fwcmd} pipe 20 config bw 10Mbit/s
-${fwcmd} pipe 20 config bw 10Mbit/s+
 #Traffic getting out vtnet0 is limited to 10Mbit/s #Traffic getting out vtnet0 is limited to 10Mbit/s
-${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0+\${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0
 #Traffic getting int vtnet0 is limited to 10Mbit/s #Traffic getting int vtnet0 is limited to 10Mbit/s
-${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0+\${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0
 #We don't want to block traffic, only shape some #We don't want to block traffic, only shape some
-${fwcmd} add 3000 allow ip from any to any +\${fwcmd} add 3000 allow ip from any to any 
-'EOF'+EOF
  
 service netif restart service netif restart
 service routing restart service routing restart
 service ipfw start service ipfw start
 +hostname VM3
 config save config save
 </code> </code>
Line 151: Line 148:
 === Router 4 === === Router 4 ===
  
-Router 4 is the aggregating server'default gateway.+Router 4 is configured for rate-limiting traffic at 10 Mb/on interface to/from VM1.
  
 <code> <code>
-sysrc hostname=R4 +sysrc hostname=VM4 \ 
-sysrc ifconfig_vtnet1="10.0.24.4/24" +        ifconfig_vtnet0="inet 10.0.14.4/24" \ 
-sysrc ifconfig_vtnet2="10.0.34.4/24" +        ifconfig_vtnet3="inet 10.0.45.4/24" \ 
-sysrc ifconfig_vtnet3="10.0.45.4/24+        defaultrouter="10.0.45.5\ 
-sysrc static_routes="R2 R3" +        firewall_enable=YES \ 
-sysrc route_R2="-net 10.0.12.0/24 10.0.24.2+        firewall_script="/etc/ipfw.rules
-sysrc route_R3="-net 10.0.13.0/24 10.0.34.3"+ 
 +cat > /etc/ipfw.rules <<EOF 
 +#!/bin/sh 
 +fwcmd="/sbin/ipfw" 
 +kldstat -q -m dummynet || kldload dummynet 
 +# Flush out the list before we begin. 
 +\${fwcmd} -f flush 
 +\${fwcmd} pipe 10 config bw 10Mbit/
 +\${fwcmd} pipe 20 config bw 10Mbit/s 
 +#Traffic getting out vtnet0 is limited to 10Mbit/s 
 +\${fwcmd} add 1000 pipe 10 all from any to any out via vtnet0 
 +#Traffic getting int vten0 is limited to 10Mbit/s 
 +\${fwcmd} add 2000 pipe 20 all from any to any in via vtnet0 
 +#We don't want to block traffic, only shape some 
 +\${fwcmd} add 3000 allow ip from any to any 
 +EOF 
 service netif restart service netif restart
 service routing restart service routing restart
 +service ipfw start
 +hostname VM4
 +config save
 +</code>
 +
 +=== Router 5 ===
 +
 +Router 5 is the aggregating server's default gateway.
 +
 +<code>
 +sysrc hostname=R5 \
 +        ifconfig_vtnet1="inet 10.0.25.5/24" \
 +        ifconfig_vtnet2="inet 10.0.35.5/24" \
 +        ifconfig_vtnet3="inet 10.0.45.5/24" \
 +        ifconfig_vtnet4="inet 10.0.56.5/24" \
 +        static_routes="ISP1 ISP2 ISP3" \
 +        route_ISP1="-host 10.0.12.1 10.0.25.2" \
 +        route_ISP2="-host 10.0.13.1 10.0.35.3" \
 +        route_ISP3="-host 10.0.14.1 10.0.45.4"
 +service netif restart
 +service routing restart
 +hostname VM5
 config save config save
 </code> </code>
Line 168: Line 203:
  
 Router 1 is configured as a  MLVPN client router connected to 3 different Internet links. Router 1 is configured as a  MLVPN client router connected to 3 different Internet links.
-The big difference with MLPPP: We can't use 3 differents IP addresses on our server, then can't simply install 3 differents static routes. We need a 3 default routes, then a minimum of 4 differents routing table. 
  
-<code> +We need a default routes for each ISP links, then a minimum of 4 different routing tables.
-sysrc hostname=R1 +
-sysrc cloned_interfaces="lo1" +
-sysrc ifconfig_lo1="inet 10.1.1.1/32" +
-sysrc ifconfig_vtnet0="10.0.12.1/24 fib 2" +
-sysrc ifconfig_vtnet1="10.0.13.1/24 fib 3" +
-sysrc static_routes="ISP1 ISP2" +
-sysrc route_ISP1="-fib 2 default 10.0.12.2" +
-sysrc route_ISP2="-fib 3 default 10.0.13.3" +
-sysrc mlvpn_enable=YES+
  
 +<code>
 +sysrc hostname=VM1 \
 +        cloned_interfaces="lo1" \
 +        ifconfig_lo1="inet 10.1.1.1/32" \
 +        ifconfig_vtnet0="inet 10.0.12.1/24 fib 2" \
 +        ifconfig_vtnet1="inet 10.0.13.1/24 fib 3" \
 +        ifconfig_vtnet2="inet 10.0.14.1/24 fib 4" \
 +        static_routes="ISP1 ISP2 ISP3" \
 +        route_ISP1="-fib 2 default 10.0.12.2" \
 +        route_ISP2="-fib 3 default 10.0.13.3" \
 +        route_ISP3="-fib 4 default 10.0.14.4"
 cat <<EOF > /usr/local/etc/mlvpn/mlvpn.conf cat <<EOF > /usr/local/etc/mlvpn/mlvpn.conf
 [general] [general]
Line 187: Line 223:
 mtu = 1452 mtu = 1452
 tuntap = "tun" tuntap = "tun"
-ip4 = "10.0.15.1/30" +ip4 = "10.0.16.1/30" 
-ip4_gateway = "10.0.15.5+ip4_gateway = "10.0.16.2
-ip4_routes = "10.5.5.5/32"+ip4_routes = "10.6.6.6/32"
 timeout = 30 timeout = 30
 password = "pleasechangeme!" password = "pleasechangeme!"
Line 199: Line 235:
 bindport = 5082 bindport = 5082
 bindfib = 2 bindfib = 2
-remotehost = "10.0.45.5"+remotehost = "10.0.56.6"
 remoteport = 5082 remoteport = 5082
- 
 [dsl3] [dsl3]
 bindhost = "10.0.13.1" bindhost = "10.0.13.1"
 bindport = 5083 bindport = 5083
 bindfib = 3 bindfib = 3
-remotehost = "10.0.45.5"+remotehost = "10.0.56.6"
 remoteport = 5083 remoteport = 5083
 +
 +[dsl4]
 +bindhost = "10.0.14.1"
 +bindport = 5084
 +bindfib = 4
 +remotehost = "10.0.56.6"
 +remoteport = 5084
  
 EOF EOF
 +service mlvpn enable
 service netif restart service netif restart
 service routing restart service routing restart
 service mlvpn start service mlvpn start
 +hostname VM1
 config save config save
 </code> </code>
  
-==== Router : MLVPN server ====+==== Router : MLVPN server ====
  
-Router is configured as a aggregating server.+Router is configured as a aggregating server.
  
 <code> <code>
-sysrc hostname=R5 +sysrc hostname=VM6 \ 
-sysrc cloned_interfaces="lo1" +        cloned_interfaces="lo1" \ 
-sysrc ifconfig_lo1="inet 10.5.5.5/32" +        ifconfig_lo1="inet 10.6.6.6/32" \ 
-sysrc ifconfig_vtnet3="10.0.45.5/24" +        ifconfig_vtnet4="inet 10.0.56.6/24" \ 
-sysrc defaultrouter=10.0.45.+        defaultrouter="10.0.56.5" 
-sysrc mlvpn_enable=YES +cat > /usr/local/etc/mlvpn/mlvpn.conf <<EOF
- +
-cat <<'EOF' > /usr/local/etc/mlvpn/mlvpn.conf+
 [general] [general]
 statuscommand = "/usr/local/etc/mlvpn/mlvpn_updown.sh" statuscommand = "/usr/local/etc/mlvpn/mlvpn_updown.sh"
 tuntap = "tun" tuntap = "tun"
 mode = "server" mode = "server"
-ip4 = "10.0.15.5/30" +ip4 = "10.0.16.2/30" 
-ip4_gateway = "10.0.15.1"+ip4_gateway = "10.0.16.1"
 ip4_routes = "10.1.1.1/32" ip4_routes = "10.1.1.1/32"
 timeout = 30 timeout = 30
Line 243: Line 284:
  
 [adsl2] [adsl2]
-bindhost = "10.0.45.5"+bindhost = "10.0.56.6"
 bindport = 5082 bindport = 5082
  
 [adsl3] [adsl3]
-bindhost = "10.0.45.5"+bindhost = "10.0.56.6"
 bindport = 5083 bindport = 5083
-'EOF' 
  
 +[adsl4]
 +bindhost = "10.0.56.6"
 +bindport = 5084
 +
 +EOF
 +
 +service mlvpn enable
 service netif restart service netif restart
 service routing restart service routing restart
 service mlvpn start service mlvpn start
 +hostname VM6
 config save config save
 </code> </code>
Line 366: Line 414:
 ==== Aggregated bandwidth ==== ==== Aggregated bandwidth ====
  
-Check that aggregated bandwitdh is 10+10 = 20Mbit/s on this lab.+Check that aggregated bandwitdh is 10+10+10 = 30Mbit/s on this lab.
  
 <code> <code>
Line 376: Line 424:
 </code> </code>
  
-Ouch, not expected performance+Ouch, not the expected performance :-(
documentation/examples/aggregating_multiple_isp_links_with_mlvpn.1582317441.txt.gz · Last modified: 2020/02/21 21:37 by olivier