space_server: bond all 3 gigabit ports, and enjoy 3x1G uplink3x1g-bond

Before:
- enp1s0: wan
- enp2s0: lan (with VLANs)
- enp3s0: mgt

Changes in this patch:
- wan is moved to VLAN id 5
- bond0 is created, replacing lan as lower device for VLANs
- mgt config is removed (could be reconfigured as a VLAN, and
                         made a available on a switch port)
- all 3 ports are enslaved in bond0

From the switch towards the space server load-balance algorithm
src-dst-ip* is used.

From the space server towards the switch L3+L4 is used.

Therefore a single IP pair will always use the same 1G
from the swith to the space server, a client therefore
needs to multiplex over multiple IPs in order to

*) The src-dst-ip algorithm on the switch hasn't been
   tested with IPv6 yet. Hopefully we can find a better
   switch at some point, so we can include the L4 ports in
   the hashing on the switch.

Signed-off-by: Asbjørn Sloth Tønnesen <asbjorn@labitat.dk>

1 files changed, 2 insertions, 0 deletions

diff --git a/roles/space_server/files/nftables.service b/roles/space_server/files/nftables.service
index 54efd9c..2bd976f 100644
--- a/roles/space_server/files/nftables.service
+++ b/roles/space_server/files/nftables.service
@@ -1,6 +1,7 @@
 [Unit]
 Description=Netfilter Tables
 Documentation=man:nft(8)
+Requires=sys-devices-virtual-net-wan.device
 Requires=sys-devices-virtual-net-lan10.device
 Requires=sys-devices-virtual-net-lan11.device
 Requires=sys-devices-virtual-net-lan12.device
@@ -10,6 +11,7 @@ Requires=sys-devices-virtual-net-lan15.device
 Requires=sys-devices-virtual-net-lan20.device
 Requires=sys-devices-virtual-net-lan21.device
 Requires=sys-devices-virtual-net-nat64.device
+After=sys-devices-virtual-net-wan.device
 After=sys-devices-virtual-net-lan10.device
 After=sys-devices-virtual-net-lan11.device
 After=sys-devices-virtual-net-lan12.device