
[LINUX] A Look at Linux Network Card Bonding

2025-03-01 Update From: SLTechnology News&Howtos


Many servers now ship with dual gigabit network ports. Bonding the network cards not only increases network bandwidth but also provides redundancy, and it is used in many scenarios today. NIC bonding is built into the Linux operating system: the Linux bonding driver bundles multiple network interface devices into a single logical network interface for network load balancing and network redundancy. NIC vendors also provide management software for the Windows operating system to bond network cards (Windows has no NIC bonding function of its own and needs third-party support).

I. The application of Bonding

1. Network load balancing

Network load balancing with bonding is commonly used on file servers, for example using three network cards as one to relieve a server that has a single IP address, heavy traffic and high network pressure. On an intranet, a file server usually uses one IP address for ease of management and use. On a 100 Mbit/s local network, the network pressure is high when many users access the file server at the same time, because the network cable and the network card limit the data throughput. To keep a single IP address and still break through that traffic limit with limited resources, the best way to achieve network load balancing is bonding.

2. Network redundancy

For a server, the stability of the network equipment matters, especially the network card. Reliability and security of a server are mostly provided through redundant hardware, such as power supplies. Bonding provides the same kind of redundancy for network cards: several network cards are bound to one IP address, and when one card is physically damaged the others continue to provide normal service.

II. The principle of Bonding

To understand bonding, start with the promiscuous (promisc) mode of the network card. Under normal circumstances a network card only accepts Ethernet frames whose destination hardware address (MAC address) is its own and filters out all other frames, to reduce the load on the driver. The network card also supports promiscuous mode, in which it receives all frames on the network; tcpdump, for example, runs in this mode. Bonding also runs in this mode, and the driver changes the MAC addresses of the two network cards to the same value so that both receive frames for that specific MAC. The received frames are then passed to the bond driver for processing.

III. The modes of Bonding

Linux has seven NIC bonding modes:

Mode 0: balance-rr (round-robin policy). Packets are transmitted through the devices in order, from the first to the last. This mode provides load balancing and fault tolerance.

Mode 1: active-backup (active-backup policy). Only one device is active. When it goes down, the backup is immediately switched to become the primary device. The bond's MAC address is externally visible on only one port. This mode provides fault tolerance.

Mode 2: balance-xor (XOR policy). The transmitting device is selected from the result of an XOR operation on the MAC addresses. This mode provides load balancing and fault tolerance.

Mode 3: broadcast (broadcast policy). All packets are transmitted on all interfaces. This mode provides fault tolerance.

Mode 4: 802.3ad (IEEE 802.3ad dynamic link aggregation). Creates aggregation groups that share the same transmission speed. Requires a switch that supports 802.3ad mode. This mode provides fault tolerance.

Mode 5: balance-tlb (adaptive transmit load balancing). Outgoing data is distributed across the devices according to the current load, and incoming data is received by the currently active device. This mode needs no dedicated switch support and provides load balancing and fault tolerance.

Mode 6: balance-alb (adaptive load balancing). Includes balance-tlb, plus receive load balancing for IPv4 traffic. The receive load is negotiated through ARP: the bonding driver intercepts ARP replies sent by the local system and overwrites the source hardware address with the hardware address of one of the slave devices.

The first kind: bond0:round robin

1. Standard document description

Round-robin policy: Transmit packets in sequential order from the first available slave through the last. This mode provides load balancing and fault tolerance.

2. Characteristics

- Load balancing: all links are load balanced. Packets are sent to each link in turn, on a per-packet basis. Packets are transmitted sequentially (the first packet goes out through eth0, the next through eth2, and so on until the last transmission is complete). Ping an address from a machine with two bonded network cards and you will see that both cards send traffic. The load appears on both links, which shows that round-robin transmission is per packet.

- Fault tolerance: this mode increases bandwidth and supports fault tolerance. When a link has a problem, traffic is switched to a healthy link.

- Performance problem: if the packets of one connection or session are sent from different interfaces and travel over different links, they are likely to arrive out of order at the client. Packets that arrive out of order have to be retransmitted, so network throughput drops. Under heavy network load, the performance of bond0 is not ideal.

- Switch support: in this mode the MAC addresses of all bonded network cards are changed to the same address. When the switch receives a packet for that MAC address, it does not know which port to forward it to. To solve this, configure port aggregation on the switch so that data is sent to the logical aggregation port, which then forwards it over multiple ports.

The second kind: bond1:active-backup

1. Standard document description

Active-backup policy: Only one slave in the bond is active. A different slave becomes active if, and only if, the active slave fails. The bond's MAC address is externally visible on only one port (network adapter) to avoid confusing the switch. This mode provides fault tolerance. The primary option affects the behavior of this mode.

2. Characteristics

- Fault tolerance: only one slave is active. In other words, only one network card works at a time and the other slaves are in the backup state; a backup becomes active only after the currently active slave fails. In bonding 2.6.2 and later, when a failover occurs in active-backup mode, bonding issues one or more ARP requests on the new slave: one for the bonding master interface and one for each VLAN interface configured on it, provided that the interface has at least one IP address configured. ARP requests for a VLAN interface are tagged with the corresponding VLAN id.

- No load balancing: the advantage of this algorithm is high availability of the network connection, but resource utilization is low. Only one interface is working, so with N network interfaces the resource utilization is 1/N.

- No switch support is required: the bond's MAC address is externally visible as a single, unique address, which avoids confusing the switch.

The third kind: bond2:load balancing (xor)

1. Standard document description

XOR policy: Transmit based on [(source MAC address XOR'd with destination MAC address) modulo slave count]. This selects the same slave for each destination MAC address. This mode provides load balancing and fault tolerance.

2. Characteristics

- Load balancing and fault tolerance: packets are transmitted according to the configured transmit hash policy. The default policy is (source MAC address XOR destination MAC address) % number of slaves. Other transmit policies can be selected with the xmit_hash_policy option.

- Performance issues: this mode pins traffic so that traffic to a particular peer always leaves through the same interface. Because the destination is identified by its MAC address, the mode works well in a "local" network configuration. If all traffic passes through a single router (a "gateway" network configuration), the source and destination MAC are fixed, the algorithm always selects the same link, and this mode is not the best choice.

- Switch support: as with balance-rr, the switch ports must be configurable as a "port channel". This mode selects the path by using the source and destination MAC as the hash input to the XOR algorithm.

The fourth kind: bond3:fault-tolerance (broadcast)

1. Standard document description

Broadcast policy: transmits everything on all slave interfaces. This mode provides fault tolerance.

2. Characteristics

In this mode every message is duplicated and one copy is sent on each of the two interfaces under the bond. When a peer switch fails there is no noticeable downtime, but the method wastes a lot of resources. In exchange, the mode has a good fault-tolerance mechanism. It suits the financial industry, which needs highly reliable networks and cannot tolerate any problems.

The fifth kind: bond4:lacp

1. Standard document description

IEEE 802.3ad Dynamic link aggregation. Creates aggregation groups that share the same speed and duplex settings. Utilizes all slaves in the active aggregator according to the 802.3ad specification. Pre-requisites:

1. Ethtool support in the base drivers for retrieving the speed and duplex of each slave.

2. A switch that supports IEEE 802.3ad Dynamic link aggregation. Most switches will require some type of configuration to enable 802.3ad mode.

2. Characteristics

802.3ad mode is an IEEE standard, so all peers that implement 802.3ad interoperate well. The 802.3ad protocol includes automatic configuration of aggregation, so very little manual configuration of the switch is required (note that only some devices can use 802.3ad). The 802.3ad standard also requires frames to be delivered in order (to a certain extent), so a single connection does not usually see packets out of order. 802.3ad also has disadvantages: the standard requires all devices in the aggregate to run at the same speed and duplex mode, and, like the other bonding load balancing modes except balance-rr, no single connection can use the bandwidth of more than one interface.

In addition, the Linux bonding 802.3ad implementation distributes traffic by peer (using the XOR of the MAC addresses), so in a "gateway" configuration all outgoing traffic uses the same device. Incoming traffic may also end up on a single device, depending on the balancing policy of the peer's 802.3ad implementation. In a "local" configuration, traffic in both directions is distributed across the devices in the bond.

Bond4 requires that all ports participating in the bond run the 802.3ad protocol. This approach is similar to bond0 but not the same. In IEEE 802.3ad, the Link Aggregation Control Protocol (LACP) automatically tells the switch which ports should be aggregated. After the IEEE 802.3ad aggregation is configured, Link Aggregation Control Protocol Data Units (LACPDUs) are exchanged between the server and the switch, and LACP informs the switch that the adapters configured in the aggregation should be treated as one adapter on the switch, without user intervention. (This is how it should work according to the protocol, but on the H3C5500-EI switch there is no command to enable 802.3ad or LACP alone, and ports in a static aggregation group do not enable the LACP protocol. If you use the bond4 mode, it is therefore recommended to configure dynamic port aggregation manually on the switch and to set the global aggregate load sharing to use the source MAC and destination MAC addresses.) According to the IEEE 802.3ad specification, packets destined for the same IP address are sent through the same adapter. Therefore, when operating in 802.3ad mode, packets are always distributed in the standard way, not in a round-robin (polling) way.

3. Switch-side configuration

    ! configure the aggregation port
    interface AggregatePort 1
    ! turn on LACP active mode on each member interface
    interface GigabitEthernet 0/23
     port-group 1 mode active
    interface GigabitEthernet 0/24
     port-group 1 mode active

4. Necessary conditions

Condition 1: ethtool supports getting the speed and duplex setting of each slave.

Condition 2: the switch supports IEEE 802.3ad Dynamic link aggregation.

Condition 3: most switches need to be specifically configured to support 802.3ad mode.

The sixth kind: bond5:transmit load balancing

1. Standard document description

Adaptive transmit load balancing: channel bonding that does not require any special switch support. The outgoing traffic is distributed according to the current load (computed relative to the speed) on each slave. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed receiving slave. Prerequisite: Ethtool support in the base drivers for retrieving the speed of each slave.

2. Characteristics

Balance-tlb mode balances outgoing traffic by peer. Because the balancing is done by MAC address, in a "gateway" configuration (as described above) this mode sends all traffic through a single device. In a "local" network configuration, however, it balances across multiple local network peers in a relatively intelligent way (not the XOR method used by balance-xor or 802.3ad mode), so numerically unlucky MAC addresses (for example, ones that XOR to the same value) do not pile up on the same interface.

Unlike 802.3ad, interfaces in this mode can run at different speeds and no special switch configuration is required. The downsides are that all incoming traffic arrives on the same interface, that the mode requires ethtool support in the network device driver of the slave interfaces, and that ARP monitoring is not available.

The seventh kind: bond6:adaptive load balancing

1. Characteristics

This mode includes balance-tlb mode plus receive load balancing (rlb) for IPv4 traffic, and does not require any switch support. Receive load balancing is implemented through ARP negotiation. The bonding driver intercepts the ARP replies sent by the local machine and rewrites the source hardware address to the unique hardware address of one slave in the bond, so that different peers use different hardware addresses to communicate. Every port receives the ARP request from the peer. When the ARP reply is sent, the bond driver module intercepts it, uses the algorithm to assign it to a port, and changes the source MAC and sender MAC of the ARP reply to the MAC of that port. Packet captures show that the first reply is sent from port 1, the second from port 2, and so on.

(One more point: besides sending the reply for its own port, each port also sends the reply messages of the other ports, with the MAC still being that of the other port.) In this way the traffic received by the server is balanced as well.

When the local machine sends an ARP request, the bonding driver copies and saves the peer's IP information from the ARP packet. When the ARP reply arrives from the peer, the bonding driver extracts its hardware address and initiates an ARP reply assigned to one slave in the bond (the algorithm is the same as above: for example, if the calculation selects port 1, the ARP is sent from port 1 and the reply uses the MAC of port 1). One problem with using ARP negotiation for load balancing is that every broadcast ARP request uses the hardware address of the bond, so once the peers learn this hardware address all received traffic flows to the current slave. This is solved by sending updates (ARP replies) to all peers, each containing the unique hardware address assigned to it, which causes the traffic to be redistributed. Received traffic is also redistributed when a new slave is added to the bond or when an inactive slave is reactivated. The receive load is distributed sequentially (round robin) across the highest-speed slaves in the bond.

When a link is reconnected, or a new slave is added to the bond, received traffic is redistributed across all currently active slaves, and an ARP reply using the assigned MAC address is initiated for each client. The updelay parameter described below must be set to a value greater than or equal to the switch forwarding delay, to ensure that the ARP replies sent to the peers are not blocked by the switch.

Mode 6 does not work well when the number of machines in the cluster is small, or when the machines span VLANs or are routed. The difference between mode=6 and mode=0: mode 6 fills eth0 with traffic first, then eth2, ... ethX, whereas with mode 0 the traffic on the two ports is very stable and essentially the same bandwidth. With mode 6 the first port carries very high traffic and the second port only a small part of it.

2. Necessary conditions

Condition 1: ethtool supports getting the speed of each slave.

Condition 2: the underlying driver supports setting the hardware address of a device, so that there is always one slave (curr_active_slave) using the hardware address of the bond, while every slave in the bond has a unique hardware address. If curr_active_slave fails, its hardware address is taken over by the newly selected curr_active_slave.

IV. Introduction to Bonding parameters

Parameter

Description

max_bonds

Specifies the number of bonding devices to create for the bonding driver. For example, if max_bonds is 3 and the bonding driver has not been loaded, bond0, bond1 and bond2 are created. The default value is 1.

lacp_rate

Specifies the rate at which the link partner is asked to transmit LACPDU packets in 802.3ad mode. Possible options:

slow or 0: request the peer to transmit LACPDUs every 30s

fast or 1: request the peer to transmit LACPDUs every 1s

The default value is slow.

downdelay

Specifies the time, in milliseconds (ms), to wait after a link failure is detected before disabling a slave. This option is valid only for miimon monitoring. The downdelay value should be an integral multiple of the miimon value, otherwise it is rounded to the nearest integer multiple. The default value is 0.

arp_ip_target

Specifies the set of IP addresses used as ARP monitoring targets; valid only when arp_interval > 0. These IP addresses are the targets of the ARP requests and are used to determine whether the link to the target is working. Multiple IP addresses are separated by commas. Specify at least one IP address, and at most 16. The default is no IP address.

arp_interval

Specifies the frequency of ARP link monitoring in milliseconds (ms). If ARP monitoring is used in an Ethernet-compatible mode (mode 0 and mode 2), the switch needs to be configured to distribute network packets evenly across all links. If the switch is configured to distribute packets in XOR mode, all replies from the ARP targets are received on the same link, which will cause the other devices to fail. ARP monitoring should not be used together with miimon. Setting the value to 0 disables ARP monitoring. The default value is 0.

miimon

Specifies the frequency of MII link monitoring in milliseconds (ms). This determines how often the driver checks the link state of each slave. 0 disables MII link monitoring. 100 is a good starting value. The default value is 0.

mode

Specifies the bonding policy. The default is balance-rr (round robin, polling policy).

primary

Specifies which slave is the primary device; the value is a string such as eth0 or eth2. As long as the specified device is available, it is always the active slave. Devices are switched only when the primary device is disconnected. This is useful when one slave should be preferred, for example a slave with higher throughput. The primary option is valid only for active-backup mode.

updelay

Specifies the time, in milliseconds, to wait before activating a link after the link is detected as restored. This option is valid only for miimon link monitoring. The updelay value should be an integral multiple of the miimon value; if it is not, it is rounded down to the nearest integer multiple. The default value is 0.

use_carrier

Specifies whether miimon uses the MII or ETHTOOL ioctls or netif_carrier_ok() to determine the link state. The MII or ETHTOOL ioctls are less efficient and use an obsolete calling sequence in the kernel; netif_carrier_ok() relies on the device driver to maintain the carrier state, which most but not all device drivers supported at the time of writing. If bonding always reports the link as up when it is in fact down, your network device driver may not support netif_carrier_on/off. Because the default state of netif_carrier is "carrier on", a driver that does not support netif_carrier always shows the link as normal. In that case, set use_carrier to 0 so that bonding uses the MII/ETHTOOL ioctls to determine the link state. Setting this option to 1 uses netif_carrier_ok(), and setting it to 0 uses the obsolete MII/ETHTOOL ioctls. The default value is 1.

xmit_hash_policy

Selects the hash policy used for slave selection in balance-xor and 802.3ad modes. Possible values are:

layer2: uses the XOR of the hardware MAC addresses to generate the hash. The formula is: (source MAC address XOR destination MAC address) % number of slaves. This algorithm places all traffic to a particular network peer on the same slave.

layer3+4: uses upper-layer protocol information to generate the hash when possible. This allows traffic to a particular network peer to be spread across multiple slaves, although a single connection is never spread across multiple slaves. The formula for unfragmented TCP and UDP packets is: ((source port XOR destination port) XOR ((source IP XOR destination IP) AND 0xFFFF)) % number of slaves. For fragmented TCP or UDP packets, and for all other IP packets, the source port and destination port information is ignored. For non-IP traffic the same hash policy as layer2 is used. This policy is intended to mimic the behavior of certain switches, such as Cisco switches with PFC2 and some Foundry and IBM products. The algorithm is not fully 802.3ad compliant: a single TCP or UDP session containing both fragmented and unfragmented packets will have its packets delivered over two interfaces, which can lead to out-of-order delivery. Most traffic does not meet this condition, since TCP is rarely fragmented and most UDP traffic is not part of a long session. Other 802.3ad implementations may not tolerate this noncompliance.

The default setting is layer2. This option was added in bonding 2.6.3. In earlier versions the parameter did not exist and only the layer2 policy was available.
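The two hash formulas above, and the "gateway" problem described for balance-xor and 802.3ad, worked through as an added example that is not part of the original article. The MAC addresses, IP addresses, ports and the two-slave bond are constructed sample values, and the MAC is treated as a 48-bit integer exactly as the formula is written on this page (kernel versions differ in which bytes they actually hash).

```python
import ipaddress
from collections import Counter

SLAVES = 2  # constructed bond with two slaves

def mac_int(mac):
    """Convert aa:bb:cc:dd:ee:ff to an integer."""
    return int(mac.replace(":", ""), 16)

def layer2(src_mac, dst_mac, slaves=SLAVES):
    """(source MAC XOR destination MAC) % number of slaves."""
    return (mac_int(src_mac) ^ mac_int(dst_mac)) % slaves

def layer3_4(src_ip, dst_ip, sport, dport, slaves=SLAVES, fragmented=False):
    """((sport XOR dport) XOR ((src IP XOR dst IP) AND 0xFFFF)) % slaves.
    For fragmented packets the port information is ignored."""
    ip_bits = (int(ipaddress.IPv4Address(src_ip)) ^
               int(ipaddress.IPv4Address(dst_ip))) & 0xFFFF
    port_bits = 0 if fragmented else (sport ^ dport)
    return (port_bits ^ ip_bits) % slaves

# Constructed "gateway" scenario: every flow leaves through the same router,
# so the destination MAC on the wire is always the gateway's.
SERVER_MAC = "52:54:00:aa:bb:01"
GATEWAY_MAC = "52:54:00:aa:bb:fe"
SERVER_IP = "10.0.0.10"
FLOWS = [  # (destination IP, source port, destination port)
    ("198.51.100.20", 40001, 443),
    ("198.51.100.20", 40002, 443),
    ("203.0.113.7", 40003, 443),
    ("203.0.113.8", 40004, 22),
]

def compare(flows=FLOWS):
    """Count flows per slave index under each policy."""
    l2 = Counter(layer2(SERVER_MAC, GATEWAY_MAC) for _ in flows)
    l34 = Counter(layer3_4(SERVER_IP, ip, sp, dp) for ip, sp, dp in flows)
    return dict(l2), dict(l34)

def session_split(dst_ip, sport, dport):
    """Slave used by unfragmented vs fragmented packets of one session."""
    return (layer3_4(SERVER_IP, dst_ip, sport, dport),
            layer3_4(SERVER_IP, dst_ip, sport, dport, fragmented=True))

if __name__ == "__main__":
    l2, l34 = compare()
    print("layer2   flows per slave:", l2)
    print("layer3+4 flows per slave:", l34)
    print("one session, unfragmented vs fragmented:",
          session_split("198.51.100.20", 40002, 443))
```

With layer2 every flow behind the gateway hashes to one slave, while layer3+4 spreads the same flows over both; the last line shows the caveat that a session mixing fragmented and unfragmented packets can land on two interfaces.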
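A consistency check for a bonding option string, written against the constraints stated in the parameter descriptions above (added example, not code from the original article or from the bonding driver). It assumes options are given as space-separated name=value pairs; the function names and the sample strings are constructed for illustration.

```python
# Mode numbers and names as listed in the article's mode table.
MODES = {"0": "balance-rr", "1": "active-backup", "2": "balance-xor",
         "3": "broadcast", "4": "802.3ad", "5": "balance-tlb",
         "6": "balance-alb"}

def parse_options(options):
    """Split 'name=value ...' into a dict and normalise mode to its name."""
    opts = dict(tok.split("=", 1) for tok in options.split())
    mode = opts.get("mode", "0")  # the default mode is balance-rr
    opts["mode"] = MODES.get(mode, mode)
    return opts

def lint_bonding(options):
    """Return a list of findings; an empty list means no rule was violated."""
    o = parse_options(options)
    mode = o["mode"]
    miimon = int(o.get("miimon", 0))
    arp_interval = int(o.get("arp_interval", 0))
    targets = [t for t in o.get("arp_ip_target", "").split(",") if t]
    out = []
    if mode not in MODES.values():
        out.append(f"mode: unknown mode {mode!r}")
    if not miimon and not arp_interval:
        out.append("monitoring: miimon and arp_interval are both 0, "
                   "so no link monitoring is active")
    if miimon and arp_interval:
        out.append("monitoring: ARP monitoring should not be combined with miimon")
    for name in ("downdelay", "updelay"):
        delay = int(o.get(name, 0))
        if delay and not miimon:
            out.append(f"{name}: only valid with miimon monitoring")
        elif delay and delay % miimon:
            out.append(f"{name}: {delay} is not a multiple of miimon={miimon} "
                       "and will be rounded")
    if targets and not arp_interval:
        out.append("arp_ip_target: only valid when arp_interval > 0")
    if arp_interval and not targets:
        out.append("arp_interval: at least one arp_ip_target is required")
    if len(targets) > 16:
        out.append("arp_ip_target: at most 16 addresses are allowed")
    if arp_interval and mode == "balance-tlb":
        out.append("arp_interval: ARP monitoring is not available in balance-tlb")
    if "primary" in o and mode != "active-backup":
        out.append("primary: only valid in active-backup mode")
    if "lacp_rate" in o and mode != "802.3ad":
        out.append("lacp_rate: only applies to 802.3ad mode")
    if "xmit_hash_policy" in o and mode not in ("balance-xor", "802.3ad"):
        out.append("xmit_hash_policy: only used in balance-xor and 802.3ad modes")
    return out

if __name__ == "__main__":
    samples = [  # constructed option strings
        "mode=1 miimon=100 downdelay=200 updelay=200 primary=eth0",
        "mode=4 miimon=100 downdelay=250 primary=eth0 lacp_rate=fast",
        "mode=balance-tlb arp_interval=1000",
        "mode=0",
    ]
    for s in samples:
        print(s, "->", lint_bonding(s) or "ok")
```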

Reprinted from another site; the specific source is unknown. If there is any infringement of the original author's copyright, please contact us. Thanks to the original author for sharing.
