Interface Priority, or Active / StandBy Interfaces ?!

Hi,

I want to configure VyOS which has 2 interfaces, a 10G interface and a 1G interface, and I want to allow both interfaces with same 802.1Q VLANs, 1130, 1135, and 1140.

What I want to do is allow traffic from the 10G interface, and make the 1G interface as a backup interface so whenever 10G interface is down, traffic should go through 1G interface.

A bit lost, how can I achieve this ?

Thank You

Hi,

I think Bond / Link Aggregation is what you are looking for. Create a bond interface and set the 10G link (e.g. eth0) as primary.

Try a configuration like this:

set interfaces bonding bond0 member interface eth0
set interfaces bonding bond0 member interface eth1
set interfaces bonding bond0 mode active-backup
set interfaces bonding bond0 primary eth0
set interfaces bonding bond0 vif 1130 ...
set interfaces bonding bond0 vif 1135 ...
set interfaces bonding bond0 vif 1140 ...

Thanks @I-n-d-y

Wouldn’t LACP require both interfaces to have same specification such as same speed ?!

In my case 1 interface is 10G and 1 is 1G.

LACP is not used in my example. It is using a static link configuration.

Sorry, then I misunderstood…

You mean to just create an interface bond…

Unless I’m misunderstanding, I’ll try this, thanks…

You could do this using LACP but for that to work the other end of the cables must run LACP aswell.

Also dunno how happy LACP is with asymetric bandwidth - sometimes this can be fixed by adding a cost or bandwidth parameter.

A bonding that doesnt require config on the opposite side is TLB (transmission load balancing).

Another method is to solve this with L3 either statically or dynamicaly (like with BGP or such along with BFD for fast failover).

1 Like

Thanks for adding more information, for now I will test bonding if it does what I want to, I’m hoping it does…

I got to know about WAN load balancing, it has interface failover as well, is it any different to bonding ?

Says the below about failover…

In failover mode, one interface is set to be the primary interface and other interfaces are secondary or spare. Instead of balancing traffic across all healthy interfaces, only the primary interface is used and in case of failure, a secondary interface selected from the pool of available interfaces takes over.

Edit

Never mind, it also says…

WAN Load Balacing should not be used when dynamic routing protocol is used/needed. This feature creates customized routing tables and firewall rules, that makes it incompatible to use with routing protocols.

Yeah the WAN Load Balancing is the easy way to do this L3 style.

Or you do it manually with BGP, OSPF, ISIS, RIP or whatever you prefer along with adding BFD for fast convergence (detecting if a physical path is down instead of waiting for the routing protocol to detect this).

This way you could also add costs/bandwidth to get the ratio between available links along with using active/passive or active/active with equal cost multipath (ECMP) or unequal cost multipath (UCMP).

It often boils down to taste and what physical gear you might have in between - like do you need to forward the VLAN tagged frames as is or is it fine to terminate them in your VyOS and then route the packets to nexthop? Often a design choice aswell (for example I prefer to use L2-switches in front of my firewalls so that the firewalls becomes the gateway for servers and clients and by that easier to filter traffic between segments).

Thanks @Apachez

Very valuable information…