betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

23 December 2012

Playing around with multipath routing on OpenBSD

Two options, two paths

Yesterday the router that was fried in a lightning strike has been replaced. After making the necessary changes to the repeater, I thought it would be a good moment to play around with network stuff, since I have now two network options. There is the reinstated ADSL connection and the mifi that I used as my Plan B.

So I went to the Networking chapter of the OpenBSD FAQ, where I had seen the sample setup for equal-cost multipath routing. I think the instructions are quite clear, but it sure is something that I wanted to try to see how it "feels" and works. Good for me that I have a splendid Laptop with OpenBSD installed, which has an Ethernet port as well as a working wifi card (ok, more or less working, but as long as the router is in the same room, it does work). So my setup is:

  1. ADSL-Connection, passing through an Access Point with OpenWRT that is configured as a repeater. The OpenWRT router has one Ethernet port and here I used that to connect to the em0 interface on the laptop.
  2. Mobile connection (3G / HSDPA, whatever the reception) in the shape of a little "mifi" access point. This little beast is actually faster than the ADSL connection, but then, it's a tiny ADSL connection. I use the iwn0 interface on the laptop to connect to this one.

On the em0 Ethernet interface I set up a static IP in the range 192.168.2.0/24, on the iwn0 wifi interface I have dhcp configured, which gives me an address in 192.168.5.0/24. The last time I tried the mifi with a static address, it didn't like it, something was blocking there, maybe that thing is configured to give access only to DHCP clients in order to be able to limit access to 5 clients? Further investigation will be needed there.

Next thing was to set the sysctl parameter for multipath routing and then to set up the routes, like in the FAQ. Easy enough, I could ping both gateways... but then, I couldn't actually get further out from one of the gateways. Looking at the routes, they had different priorities: em0 had 8, iwn0 12. Maybe this was an effect of having one of the routes created by dhclient. In any case I flushed the routes and created them new, setting -priority 8 on both of them. That did the trick.

Now looking at netstat -r they both had the same priority and both started to have increasing numbers in the "Use" column. The "P" flag for multipath was also present in the routes. Then I opened to terminals with ntop and had fun for a while watching various connections pop up on each interface. The effect could also be felt: I uploaded something big, which likely saturated one of the (tiny) uplinks, but still I was typing in ssh without any delay. Sure I have a nice pf setup with queues and ACK priorization, but with such an upload still there is a little delay noticeable. With the dual uplinks, it seems that the connections balanced out better. Definitely though, the max speed of a connection is defined by the speed of each one of the interfaces, not by the sum of both of them.

I haven't yet understood every detail of how this works, e.g. what algorithm is used to balance connections or which interface is chosen. I guess that once opened, a connection stays on the same interface, as some protocols won't take it well if your source IP jumps around (also see some explanations here). Definitely it also does not do "fail over" out of the box, but there are various solutions for that.

Conclusion: Using this on my laptop is not going to be something that I will do every day. But using an OpenBSD router for example in an office setup, where multiple people access the internet, it could be a nice option. Combine two or more cheaper Internet connections and have people not hinder each other, no matter if someone downloads or uploads some bigger files for a while. Then add some failover capabilities and connectivity through different ISPs and you will gain a little bit of uptime too.


Posted by betabug at 18:16 | Comments (0) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< Public - ποιον κοροϊδεύετε με αυτήν την τιμή; | Main | An Experiment with PC-BSD on the Thinkpad X220 >>
Comments
There are no comments.
Trackbacks
You can trackback to: http://betabug.ch/blogs/ch-athens/1297/tbping
There are no trackbacks.
Leave a comment