From a8fab3916c0ec8ec7307de636522f4de8849543b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Asbj=C3=B8rn=20Sloth=20T=C3=B8nnesen?= Date: Mon, 13 Sep 2021 14:39:08 +0000 Subject: space_server: bond all 3 gigabit ports, and enjoy 3x1G uplink MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Before: - enp1s0: wan - enp2s0: lan (with VLANs) - enp3s0: mgt Changes in this patch: - wan is moved to VLAN id 5 - bond0 is created, replacing lan as lower device for VLANs - mgt config is removed (could be reconfigured as a VLAN, and made a available on a switch port) - all 3 ports are enslaved in bond0 From the switch towards the space server load-balance algorithm src-dst-ip* is used. From the space server towards the switch L3+L4 is used. Therefore a single IP pair will always use the same 1G from the swith to the space server, a client therefore needs to multiplex over multiple IPs in order to *) The src-dst-ip algorithm on the switch hasn't been tested with IPv6 yet. Hopefully we can find a better switch at some point, so we can include the L4 ports in the hashing on the switch. Signed-off-by: Asbjørn Sloth Tønnesen --- roles/space_server/files/networkd/10-bond0.netdev | 11 +++++++++++ roles/space_server/files/networkd/10-bond0.network | 22 +++++++++++++++++++++ .../space_server/files/networkd/10-enp1s0.network | 5 +++++ .../space_server/files/networkd/10-enp2s0.network | 5 +++++ .../space_server/files/networkd/10-enp3s0.network | 5 +++++ roles/space_server/files/networkd/10-lan.link | 5 ----- roles/space_server/files/networkd/10-lan.network | 21 -------------------- roles/space_server/files/networkd/10-mgt.link | 5 ----- roles/space_server/files/networkd/10-mgt.network | 23 ---------------------- roles/space_server/files/networkd/10-wan.link | 5 ----- roles/space_server/files/networkd/10-wan.netdev | 6 ++++++ roles/space_server/files/networkd/10-wan.network | 3 +++ roles/space_server/files/nftables.service | 2 ++ 13 files changed, 59 insertions(+), 59 deletions(-) create mode 100644 roles/space_server/files/networkd/10-bond0.netdev create mode 100644 roles/space_server/files/networkd/10-bond0.network create mode 100644 roles/space_server/files/networkd/10-enp1s0.network create mode 100644 roles/space_server/files/networkd/10-enp2s0.network create mode 100644 roles/space_server/files/networkd/10-enp3s0.network delete mode 100644 roles/space_server/files/networkd/10-lan.link delete mode 100644 roles/space_server/files/networkd/10-lan.network delete mode 100644 roles/space_server/files/networkd/10-mgt.link delete mode 100644 roles/space_server/files/networkd/10-mgt.network delete mode 100644 roles/space_server/files/networkd/10-wan.link create mode 100644 roles/space_server/files/networkd/10-wan.netdev diff --git a/roles/space_server/files/networkd/10-bond0.netdev b/roles/space_server/files/networkd/10-bond0.netdev new file mode 100644 index 0000000..824f3f6 --- /dev/null +++ b/roles/space_server/files/networkd/10-bond0.netdev @@ -0,0 +1,11 @@ +[NetDev] +Name=bond0 +Kind=bond + +[Bond] +Mode=802.3ad +LACPTransmitRate=fast +MIIMonitorSec=1s +UpDelaySec=2s +DownDelaySec=8s +TransmitHashPolicy=layer2+3 diff --git a/roles/space_server/files/networkd/10-bond0.network b/roles/space_server/files/networkd/10-bond0.network new file mode 100644 index 0000000..39695a4 --- /dev/null +++ b/roles/space_server/files/networkd/10-bond0.network @@ -0,0 +1,22 @@ +[Match] +Name=bond0 + +[Link] +ARP=no +RequiredForOnline=no + +[Network] +DHCP=no +IPv6AcceptRA=no +LinkLocalAddressing=no +LLMNR=no +MulticastDNS=no +VLAN=wan +VLAN=lan10 +VLAN=lan11 +VLAN=lan12 +VLAN=lan13 +VLAN=lan14 +VLAN=lan15 +VLAN=lan20 +VLAN=lan21 diff --git a/roles/space_server/files/networkd/10-enp1s0.network b/roles/space_server/files/networkd/10-enp1s0.network new file mode 100644 index 0000000..1395f3a --- /dev/null +++ b/roles/space_server/files/networkd/10-enp1s0.network @@ -0,0 +1,5 @@ +[Match] +Path=pci-0000:01:00.0 + +[Network] +Bond=bond0 diff --git a/roles/space_server/files/networkd/10-enp2s0.network b/roles/space_server/files/networkd/10-enp2s0.network new file mode 100644 index 0000000..9a987a6 --- /dev/null +++ b/roles/space_server/files/networkd/10-enp2s0.network @@ -0,0 +1,5 @@ +[Match] +Path=pci-0000:02:00.0 + +[Network] +Bond=bond0 diff --git a/roles/space_server/files/networkd/10-enp3s0.network b/roles/space_server/files/networkd/10-enp3s0.network new file mode 100644 index 0000000..a07d57a --- /dev/null +++ b/roles/space_server/files/networkd/10-enp3s0.network @@ -0,0 +1,5 @@ +[Match] +Path=pci-0000:03:00.0 + +[Network] +Bond=bond0 diff --git a/roles/space_server/files/networkd/10-lan.link b/roles/space_server/files/networkd/10-lan.link deleted file mode 100644 index 996917e..0000000 --- a/roles/space_server/files/networkd/10-lan.link +++ /dev/null @@ -1,5 +0,0 @@ -[Match] -Path=pci-0000:02:00.0 - -[Link] -Name=lan diff --git a/roles/space_server/files/networkd/10-lan.network b/roles/space_server/files/networkd/10-lan.network deleted file mode 100644 index 1221be8..0000000 --- a/roles/space_server/files/networkd/10-lan.network +++ /dev/null @@ -1,21 +0,0 @@ -[Match] -Name=lan - -[Link] -ARP=no -RequiredForOnline=no - -[Network] -DHCP=no -IPv6AcceptRA=no -LinkLocalAddressing=no -LLMNR=no -MulticastDNS=no -VLAN=lan10 -VLAN=lan11 -VLAN=lan12 -VLAN=lan13 -VLAN=lan14 -VLAN=lan15 -VLAN=lan20 -VLAN=lan21 diff --git a/roles/space_server/files/networkd/10-mgt.link b/roles/space_server/files/networkd/10-mgt.link deleted file mode 100644 index 715f409..0000000 --- a/roles/space_server/files/networkd/10-mgt.link +++ /dev/null @@ -1,5 +0,0 @@ -[Match] -Path=pci-0000:03:00.0 - -[Link] -Name=mgt diff --git a/roles/space_server/files/networkd/10-mgt.network b/roles/space_server/files/networkd/10-mgt.network deleted file mode 100644 index d2b34b9..0000000 --- a/roles/space_server/files/networkd/10-mgt.network +++ /dev/null @@ -1,23 +0,0 @@ -[Match] -Name=mgt - -[Link] -RequiredForOnline=no - -[Network] -DHCP=no -IPv6AcceptRA=no -LinkLocalAddressing=no -Address=192.168.112.1/24 -IPForward=ipv4 -DHCPServer=yes -LLMNR=yes -MulticastDNS=yes -LLDP=yes -EmitLLDP=yes - -[DHCPServer] -EmitDNS=yes -DNS=185.38.175.0 -EmitNTP=no -EmitTimezone=yes diff --git a/roles/space_server/files/networkd/10-wan.link b/roles/space_server/files/networkd/10-wan.link deleted file mode 100644 index 47a7270..0000000 --- a/roles/space_server/files/networkd/10-wan.link +++ /dev/null @@ -1,5 +0,0 @@ -[Match] -Path=pci-0000:01:00.0 - -[Link] -Name=wan diff --git a/roles/space_server/files/networkd/10-wan.netdev b/roles/space_server/files/networkd/10-wan.netdev new file mode 100644 index 0000000..ea4d8b4 --- /dev/null +++ b/roles/space_server/files/networkd/10-wan.netdev @@ -0,0 +1,6 @@ +[NetDev] +Name=wan +Kind=vlan + +[VLAN] +Id=5 diff --git a/roles/space_server/files/networkd/10-wan.network b/roles/space_server/files/networkd/10-wan.network index 36b2230..095bcfe 100644 --- a/roles/space_server/files/networkd/10-wan.network +++ b/roles/space_server/files/networkd/10-wan.network @@ -1,6 +1,9 @@ [Match] Name=wan +[Link] +ARP=yes + [Network] DHCP=no IPv6AcceptRA=no diff --git a/roles/space_server/files/nftables.service b/roles/space_server/files/nftables.service index 54efd9c..2bd976f 100644 --- a/roles/space_server/files/nftables.service +++ b/roles/space_server/files/nftables.service @@ -1,6 +1,7 @@ [Unit] Description=Netfilter Tables Documentation=man:nft(8) +Requires=sys-devices-virtual-net-wan.device Requires=sys-devices-virtual-net-lan10.device Requires=sys-devices-virtual-net-lan11.device Requires=sys-devices-virtual-net-lan12.device @@ -10,6 +11,7 @@ Requires=sys-devices-virtual-net-lan15.device Requires=sys-devices-virtual-net-lan20.device Requires=sys-devices-virtual-net-lan21.device Requires=sys-devices-virtual-net-nat64.device +After=sys-devices-virtual-net-wan.device After=sys-devices-virtual-net-lan10.device After=sys-devices-virtual-net-lan11.device After=sys-devices-virtual-net-lan12.device -- cgit v1.2.1