From a8fab3916c0ec8ec7307de636522f4de8849543b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Asbj=C3=B8rn=20Sloth=20T=C3=B8nnesen?= Date: Mon, 13 Sep 2021 14:39:08 +0000 Subject: space_server: bond all 3 gigabit ports, and enjoy 3x1G uplink MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Before: - enp1s0: wan - enp2s0: lan (with VLANs) - enp3s0: mgt Changes in this patch: - wan is moved to VLAN id 5 - bond0 is created, replacing lan as lower device for VLANs - mgt config is removed (could be reconfigured as a VLAN, and made a available on a switch port) - all 3 ports are enslaved in bond0 From the switch towards the space server load-balance algorithm src-dst-ip* is used. From the space server towards the switch L3+L4 is used. Therefore a single IP pair will always use the same 1G from the swith to the space server, a client therefore needs to multiplex over multiple IPs in order to *) The src-dst-ip algorithm on the switch hasn't been tested with IPv6 yet. Hopefully we can find a better switch at some point, so we can include the L4 ports in the hashing on the switch. Signed-off-by: Asbjørn Sloth Tønnesen --- roles/space_server/files/nftables.service | 2 ++ 1 file changed, 2 insertions(+) (limited to 'roles/space_server/files/nftables.service') diff --git a/roles/space_server/files/nftables.service b/roles/space_server/files/nftables.service index 54efd9c..2bd976f 100644 --- a/roles/space_server/files/nftables.service +++ b/roles/space_server/files/nftables.service @@ -1,6 +1,7 @@ [Unit] Description=Netfilter Tables Documentation=man:nft(8) +Requires=sys-devices-virtual-net-wan.device Requires=sys-devices-virtual-net-lan10.device Requires=sys-devices-virtual-net-lan11.device Requires=sys-devices-virtual-net-lan12.device @@ -10,6 +11,7 @@ Requires=sys-devices-virtual-net-lan15.device Requires=sys-devices-virtual-net-lan20.device Requires=sys-devices-virtual-net-lan21.device Requires=sys-devices-virtual-net-nat64.device +After=sys-devices-virtual-net-wan.device After=sys-devices-virtual-net-lan10.device After=sys-devices-virtual-net-lan11.device After=sys-devices-virtual-net-lan12.device -- cgit v1.2.1