Versions Compared

Old Version 30

changes.mady.by.user Edgars P.

Saved on

compared with

New Version Current

changes.mady.by.user Edgars P.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Summary

...

Bonding is a technology that allows aggregation of multiple ethernet-like interfaces into a single virtual link, thus getting higher data rates and providing failover. 

Note

Interface bonding does not create an interface with a larger link speed. Interface bonding creates a virtual interface that can load balance traffic over multiple interfaces. More details can be found in the LAG interfaces and load balancing page.


Info

CRS3xx, CRS5xx series switches, CCR2116, CCR2216 routers and 88E6393X, 88E6191X, 88E6190 switch chips support bridge hardware offloading with bonding interfaces. Only 802.3ad and balance-xor bonding modes are hardware offloaded, other bonding modes will use the CPU's resources. The built-in switch chip will always use Layer2+Layer3+Layer4 for a transmit hash policy, changing the transmit hash policy manually will have no effect. See more details on CRS3xx, CRS5xx, CCR2116, CCR2216 switch chip features.


Quick Setup Guide

...

Let us assume that we have two Ethernet interfaces on each router (Router1 and Router2) and want to get the maximum data rate between these two routers. To make this possible, follow these steps:

...

ARP monitoring sends ARP queries and uses the response as an indication that the link is operational. The ARP replies are not validated, so any received packet by the slave interface will result in the slave interface considered as active. This gives assurance that traffic is actually flowing over the links. If balance-rr and balance-xor modes are set, then the switch should be configured to evenly distribute packets across all links. Otherwise, all replies from the ARP targets will be received on the same link which could cause other links to fail. ARP monitoring is enabled by setting three properties - link-monitoring, arp-ip-targets and arp-interval. The meaning of each option is described later in this article. It is possible to specify multiple ARP targets that can be useful in High Availability setups. If only one target is set, the target itself may go down. Having additional targets increases the reliability of the ARP monitoring.

...

No additional configuration is required for the switch. The image above illustrates how balance-tlb mode works. As you can see router can communicate to all the clients connected to the switch with a total bandwidth of both links (15Mbps). But as you already know, balance-tlb is not balancing incoming traffic. In our example, clients can communicate to the router with a total bandwidth of primary link which is 10Mbps in our configuration.

balance-alb

The mode is basically the same as balance-tlb but incoming IPv4 traffic is also balancedis basically the same as balance-tlb but incoming IPv4 traffic is also balanced. The receive load balancing is achieved by ARP negotiation. The bonding driver intercepts locally generated ARP messages on their way out and overwrites the source hardware address with the unique address of one of the slaves in the bond such that different peers use different hardware addresses. Only MII link monitoring is supported (ARP link monitoring is ignored when configured), the additional  downside downside of this mode is that it requires device driver capability to change MAC address. The mode is not compatible with local-proxy-arp setting.


The image above illustrates how balance-alb mode works. Compared to balance-tlb mode, traffic from clients can also use the secondary link to communicate with the router.

...

PropertyDescription
port (interface)Used bonding port
key (integer)Shows the local LACP aggregation key, a unique key is generated and used by all bonding ports that are configured on the same LACP group
port
key (integer)Shows the local LACP aggregation key. The lower 6 bits are automatically assigned based on individual port link speed and duplex. The upper 10 bits can be manually specified using the lacp-user-key setting (available only since RouterOS v7.3). 
flags (string)

Shows the local LACP flags:

A - activity (link is active, otherwise passive)
T - timeout (link is using short 1-second timeout, otherwise using 30-second timeout)
G - aggregation (link can be aggregatable)
S - synchronization (link is synchronized)
C - collecting (link is able to collect incoming frames)
D - distributing (link is able to distribute outgoing frames)
F - defaulted (link is using defaulted partner information, indicated that no LACPDU has been received from the partner)
E - expired (link has expired state)

partner-sys-id (MAC address)Shows the partner LACP system ID
partner-sys-priority (integer)Shows the partner LACP priority
partner-key (integer)key (integer)Shows the partner LACP aggregation keyShows the partner LACP aggregation key, a unique key is generated and used by all bonding ports that are configured on the same LACP group
partner-flags (string)Shows the partner LACP flags

...

PropertyDescription
arp (disabled | enabled | proxy-arp | reply-only; Default: enabled)Address Resolution Protocol for the interface.
  • disabled - the interface will not use ARP
  • enabled - the interface will use ARP
  • proxy-arp - the interface will use the ARP proxy feature
  • reply-only - the interface will only reply to requests originated from matching IP address/MAC address combinations which are entered as static entries in the "/ip arp" table. No dynamic entries will be automatically stored in the "/ip arp" table. Therefore for communications to be successful, a valid static entry must already exist.
arp-interval (time; Default: 00:00:00.100)Time in milliseconds defines how often to monitor ARP requests
arp-ip-targets (IP address; Default: )IP target address which will be monitored if link-monitoring is set to arp. You can specify multiple IP addresses, separated by a comma
comment (string; Default: )Short description of the interface
disabled (yes | no; Default: no)Changes whether the bonding interface is disabled
down-delay (time; Default: 00:00:00)If a link failure has been detected, the bonding interface is disabled for a down-delay time. The value should be a multiple of mii-interval, otherwise, it will be rounded down to the nearest value. This property only has an effect when link-monitoring is set to mii.
forced-mac-address (MAC address; Default: none)By default, the bonding interface will use the MAC address of the first selected slave interface. This property allows to configure static MAC address for the bond interface (all zeros, broadcast or multicast addresses will not apply). RouterOS will automatically change the MAC address for slave interfaces and it will be visible in /interface ethernet configuration export
lacp-rate (1sec | 30secs; Default: 30secs)Link Aggregation Control Protocol rate specifies how often to exchange with LACPDUs between bonding peers. Used to determine whether a link is up or other changes have occurred in the network. LACP tries to adapt to these changes providing failover.
lacp-user-key (integer: 0..1023; Default: 0)Specifies the upper 10 bits of the port key. The lower 6 bits are automatically assigned based on individual port link speed and duplex. The setting is available only since RouterOS v7.3.
link-monitoring (arp | mii | none; Default: mii)Method to use for monitoring the link (whether it is up or down)
  • arp - uses Address Resolution Protocol to determine whether the remote interface is reachable
  • mii - uses Media Independent Interface to determine link status. Link status determination relies on the device driver.
  • none - no method for link monitoring is used.
Note: some bonding modes require specific link monitoring to work properly.
min-links (integer: 0..4294967295; Default: 0)How many active slave links needed for bonding to become active
mii-interval (time; Default: 00:00:00.100)How often to monitor the link for failures (the parameter used only if link-monitoring is mii)
mlag-id (integer: 0..4294967295; Default:)Changes MLAG ID for bonding interface. The same MLAG ID should be used on both peer devices to successfully create a single MLAG. See more details on MLAG.
mode (802.3ad | active-backup | balance-alb | balance-rr | balance-tlb | balance-xor | broadcast; Default: balance-rr)Specifies one of the bonding policies
  • 802.3ad - IEEE 802.3ad dynamic link aggregation. In this mode, the interfaces are aggregated in a group where each slave shares the same speed. It provides fault tolerance and load balancing. Slave selection for outgoing traffic is done according to the transmit-hash-policy more>
  • active-backup - provides link backup. Only one slave can be active at a time. Another slave only becomes active, if the first one fails. more>
  • balance-alb - adaptive load balancing. The same as balance-tlb but received traffic is also balanced. The device driver should have support for changing it's MAC address. more>
  • balance-rr - round-robin load balancing. Slaves in a bonding interface will transmit and receive data in sequential order. It provides load balancing and fault tolerance. more>
  • balance-tlb - Outgoing traffic is distributed according to the current load on each slave. Incoming traffic is not balanced and is received by the current slave. If receiving slave fails, then another slave takes the MAC address of the failed slave. more>
  • balance-xor - Transmit based on the selected transmit-hash-policy. This mode provides load balancing and fault tolerance. more>
  • broadcast - Broadcasts the same data on all interfaces at once. This provides fault tolerance but slows down traffic throughput on some slow machines. more>
mtu (integer; Default: 1500)Maximum Transmit Unit in bytes. Must be smaller or equal to the smallest L2MTU value of a bonding slave. L2MTU of a bonding interface is determined by the lowest L2MTU value among its slave interfaces
name (string; Default: )Name of the bonding interface
primary (string; Default: none)Controls the primary interface between active slave ports, works only for active-backup, balance-tlb and balance-alb modes. For active-backup mode, it controls which running interface is supposed to send and receive the traffic. For balance-tlb mode, it controls which running interface is supposed to receive all the traffic, but for balance-alb mode, it controls which interface is supposed to receive the unbalanced traffic (the non-IPv4 traffic). When none of the interfaces are selected as primary, device will automatically select the interface that is configured as the first one.
slaves (string; Default: none)At least two ethernet-like interfaces separated by a comma, which will be used for bonding
up-delay (time; Default: 00:00:00)If a link has been brought up, the bonding interface is disabled for up-delay time and after this time it is enabled. The value should be a multiple of mii-interval, otherwise, it will be rounded down to the nearest value. This property only has an effect when link-monitoring is set to mii.
transmit-hash-policy (layer-2 | layer-2-and-3 | layer-3-and-4; Default: layer-2)Selects the transmit hash policy to use for slave selection in balance-xor and 802.3ad modes
  • layer-2 - Uses XOR of hardware MAC addresses to generate the hash. This algorithm will place all traffic to a particular network peer on the same slave. This algorithm is 802.3ad compliant.
  • layer-2-and-3 - This policy uses a combination of layer2 and layer3 protocol information to generate the hash. Uses XOR of hardware MAC addresses and IP addresses to generate the hash. This algorithm will place all traffic to a particular network peer on the same slave. For non-IP traffic, the formula is the same as for the layer2 transmit hash policy. This policy is intended to provide a more balanced distribution of traffic than layer2 alone, especially in environments where a layer3 gateway device is required to reach most destinations. This algorithm is 802.3ad compliant.
  • layer-3-and-4 - This policy uses upper layer protocol information, when available, to generate the hash. This allows for traffic to a particular network peer to span multiple slaves, although a single connection will not span multiple slaves. For fragmented TCP or UDP packets and all other IP protocol traffic, the source and destination port information is omitted. For non-IP traffic, the formula is the same as for the layer2 transmit hash policy. This algorithm is not fully 802.3ad compliant.

...