Sunday, December 31, 2017

Re: trunk0 link aggregation interface and PF rules not working

deniza@mindall.org (Denis), 2017.12.30 (Sat) 13:15 (CET):
> Trying to make aggregation using two wireless interfaces on OpenBSD 6.1
> amd64 but unsuccessful.
>
> Both wireless interfaces successfully connects to its networks and have

these are different networks?

> DHCP assigned IP addresses.
> Both configs are listed below:
>
> $ cat /etc/hostname.iwn0
> dhcp bssid BSSID_MAC nwid NWID wpa wpakey WPAKEY wpaprotos wpa2
> $ cat /etc/hostname.athn0
> dhcp bssid BSSID_MAC1 nwid NWID1 wpa wpakey WPAKEY1 wpaprotos wpa2

"dhcp" - but trunkport interfaces do not have the IP themselves!

> For trunk0 intefrace I have assigned different modes available while
> testing: failover, lacp, and loadbalance
>
> $cat /etc/hostname.trunk0
> trunkproto failover trunkport iwn0 trunkport athn0 192.168.20.1 netmask
> 255.255.255.0
> #trunkproto lacp trunkport iwn0 trunkport athn0 192.168.20.1 netmask
> 255.255.255.0
> #trunkproto loadbalance trunkport iwn0 trunkport athn0 192.168.20.1
> netmask 255.255.255.0

do not assign an IP and run dhclient on trunk0!

> By PF I set trunk0 as an egress interface in PF instead of previously

PF does not set the egress interface, it just happens to know where the
default route points to

> used athn0 and iwn0 for outgoing traffic.
>
> #cat /etc/pf.conf
> ....
> ext_if trunk0
> #ext_if athn0
> #ext_if iwn0

Where's the interesting part of pf.conf(5)?

> $cat /etc/sysctl.conf
> ....
> net.inet.ip.forwarding=1
> #net.inet.ip.mforwarding=1
> #net.inet.ip.multipath=1

No need for that unless you use the machine with the two wireless
interfaces as a router.

> No traffic goes over trunk0,

How is your system supposed to know you want your packets delivered via
trunk0? No route points towards it, exept the one for 192.168.20.1, I
suppose. Show the routes! (netstat -anrfinet)

> but all perfectly works if I reverse my PF config to iwn0 or athn0
> interfaces as egress ones.

PF just shows your problems, it is not the cause.

> Please give an advice what I'm doing wrong.

sorry to put it that bluntly, but read trunk(4), EXAMPLES:

# ifconfig em0 up
# ifconfig ath0 nwid my_net up
# ifconfig trunk0 trunkproto failover trunkport em0 trunkport ath0 \
192.168.1.1 netmask 255.255.255.0

The trunkport interfaces do not have an IP config. The trunkX has!

Happy new year, Marcus

No comments:

Post a Comment