What's new

[How-To] Link Aggregation/LACP on RT-AC68U/W/R/P

  • Thread starter Deleted member 28123
  • Start date
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Thanks for your post AtAM1, I've been looking for how to setup Link Aggregation on my AC68U and luckily I found it.

But I have the doubt of how to make it work with my current setup and I hope you could help me since my technical knowledge is quite limited.

On services-start, I have this running now needed to setup vlan2 on wan port for IPTV purposes. Also vlan6 is configured on WAN port for internet access. The LAN ports are just under vlan1. On the switch, I also have configured vlans 1,2,6

services-start

#!/bin/sh
MOVISTAR_TV_IP=10.76.90.111
MOVISTAR_TV_MASK=255.192.0.0
MOVISTAR_TV_GW=10.64.0.1

robocfg vlan 2 ports "0t 5t"
vconfig add eth0 2

ifconfig vlan2 $MOVISTAR_TV_IP netmask $MOVISTAR_TV_MASK up

ip route add to 172.26.0.0/16 via $MOVISTAR_TV_GW
ip route add to 172.23.0.0/16 via $MOVISTAR_TV_GW
/usr/sbin/igmpproxy /jffs/configs/igmpproxy.conf

The router is conected via WAN port to a switch were the ONT is also connected. I also have one LAN router port to the switch but I would like to connect 2 ports with Link Aggregation also supported by the switch but I don't care which of them (could be 3 & 4 as your sample).

Thank you in advance!!
 
Thanks for your post AtAM1, I've been looking for how to setup Link Aggregation on my AC68U and luckily I found it.

But I have the doubt of how to make it work with my current setup and I hope you could help me since my technical knowledge is quite limited.

On services-start, I have this running now needed to setup vlan2 on wan port for IPTV purposes. Also vlan6 is configured on WAN port for internet access. The LAN ports are just under vlan1. On the switch, I also have configured vlans 1,2,6

services-start

#!/bin/sh
MOVISTAR_TV_IP=10.76.90.111
MOVISTAR_TV_MASK=255.192.0.0
MOVISTAR_TV_GW=10.64.0.1

robocfg vlan 2 ports "0t 5t"
vconfig add eth0 2

ifconfig vlan2 $MOVISTAR_TV_IP netmask $MOVISTAR_TV_MASK up

ip route add to 172.26.0.0/16 via $MOVISTAR_TV_GW
ip route add to 172.23.0.0/16 via $MOVISTAR_TV_GW
/usr/sbin/igmpproxy /jffs/configs/igmpproxy.conf

The router is conected via WAN port to a switch were the ONT is also connected. I also have one LAN router port to the switch but I would like to connect 2 ports with Link Aggregation also supported by the switch but I don't care which of them (could be 3 & 4 as your sample).

Thank you in advance!!

Hi there.. Your WAN setup is non-standard (default is vlan2 for WAN/Internet access) - are you connecting to 2 WAN services (ONT+Internet) via the switch, using vlan2+vlan6, which is also connected to your router's WAN port? If so, how did you configure vlan6 on the router?

I also need the outputs of:

1. robocfg show
2. brctl show
3. ifconfig
4. nvram show | grep -E 'vlan|et0|devs'
5. iptables -L INPUT -vn

Cheers
 
Hi there.. Your WAN setup is non-standard (default is vlan2 for WAN/Internet access) - are you connecting to 2 WAN services (ONT+Internet) via the switch, using vlan2+vlan6, which is also connected to your router's WAN port? If so, how did you configure vlan6 on the router?

I also need the outputs of:

1. robocfg show
2. brctl show
3. ifconfig
4. nvram show | grep -E 'vlan|et0|devs'
5. iptables -L INPUT -vn

Cheers

Thanks for your reply. Yes, you are right. The ISP provides Internet and IPTV via FTTH using 2 vlans on WAN interface (6 for internet and 2 for IPTV). It is not my case but normally they provide a third vlan on WAN for VoIP (vlan3). vlan6 is configured in the LAN-IPTV menu (see picture)

Here the outputs I got:

1. robocfg show
Switch: enabled
Port 0: 1000FD enabled stp: none vlan: 2 jumbo: off mac: 00:16:c7:58:66:c0
Port 1: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 2: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3: 1000FD enabled stp: none vlan: 1 jumbo: off mac: 00:11:32:36:9d:91
Port 4: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 8: DOWN enabled stp: none vlan: 2 jumbo: off mac: 00:00:00:00:00:00
VLANs: BCM5301x enabled mac_check mac_hash
1: vlan1: 1 2 3 4 5t
2: vlan2: 0t 5t
6: vlan6: 0t 5t
56: vlan56: 0 3t 4 5t 7 8t
57: vlan57: 2 5t
58: vlan58: 1t 7 8t
59: vlan59: 1t 3t 4 7
60: vlan60: 1t 2 4
61: vlan61: 1t 3t 4 5 8t
62: vlan62: 1 2t 4 7t


2. brctl show
bridge name bridge id STP enabled interfaces
br0 8000.f0795976b420 yes vlan1
eth1
eth2


3. ifconfig
br0 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:36851557 errors:0 dropped:0 overruns:0 frame:0
TX packets:59096620 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:28161097319 (26.2 GiB) TX bytes:46618361900 (43.4 GiB)

eth0 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:262050307 errors:0 dropped:0 overruns:0 frame:0
TX packets:259173366 errors:15 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1223100195 (1.1 GiB) TX bytes:3050283777 (2.8 GiB)
Interrupt:179 Base address:0x4000

eth1 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1517305 errors:0 dropped:0 overruns:0 frame:7098521
TX packets:4674974 errors:19 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:344353211 (328.4 MiB) TX bytes:1869250456 (1.7 GiB)
Interrupt:163

eth2 Link encap:Ethernet HWaddr F0:79:59:76:B4:24
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:85538 errors:0 dropped:0 overruns:0 frame:3228
TX packets:484631 errors:16 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:54461164 (51.9 MiB) TX bytes:141054444 (134.5 MiB)
Interrupt:169

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:1926 errors:0 dropped:0 overruns:0 frame:0
TX packets:1926 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:229223 (223.8 KiB) TX bytes:229223 (223.8 KiB)

ppp0 Link encap:point-to-Point Protocol
inet addr:83.41.210.146 P-t-P:80.58.67.176 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:58956197 errors:0 dropped:0 overruns:0 frame:0
TX packets:60709988 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2748738705 (2.5 GiB) TX bytes:1665216276 (1.5 GiB)

vlan1 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:65074511 errors:0 dropped:0 overruns:0 frame:0
TX packets:198384573 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:59024141167 (54.9 GiB) TX bytes:228053958767 (212.3 GiB)

vlan2 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
inet addr:10.76.90.111 Bcast:10.127.255.255 Mask:255.192.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:137983144 errors:0 dropped:0 overruns:0 frame:0
TX packets:19936 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:179229415945 (166.9 GiB) TX bytes:1205006 (1.1 MiB)

vlan6 Link encap:Ethernet HWaddr 00:11:32:36:9D:91
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58992652 errors:0 dropped:0 overruns:0 frame:0
TX packets:60768856 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:46407573363 (43.2 GiB) TX bytes:53967684158 (50.2 GiB)


4. nvram show | grep -E 'vlan|et0|devs'
et0macaddr=F0:79:59:76:B4:20
et0mdcport=0
wan0_ifname=vlan6
vlan2ports=0 5u
wl0_vlan_prio_mode=off
vlan2hwname=et0
wl_vlan_prio_mode=off
lan_ifnames=vlan1 eth1 eth2
wan_ifnames=vlan6
vlan1hwname=et0
vlan1ports=1 2 3 4 5*
wandevs=et0
size: 48426 bytes (17110 left)
et0phyaddr=30
landevs=vlan1 wl0 wl1
wl1_vlan_prio_mode=off


5. iptables -L INPUT -vn
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
138M 179G ACCEPT udp -- vlan2 * 0.0.0.0/0 224.0.0.0/4 udp
3502 126K ACCEPT 2 -- vlan2 * 0.0.0.0/0 224.0.0.0/4
44 2272 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 icmptype 8
14732 1109K DROP all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state INVALID
103K 24M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
1595 180K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
276K 55M ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
1648 84808 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.1 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.1 tcp dpt:8443
6 312 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:24
5 200 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8
43754 2714K DROP all -- * * 0.0.0.0/0 0.0.0.0/0



Thanks !!
Cheers
 

Attachments

  • VLAN6.png
    VLAN6.png
    280.9 KB · Views: 870
@rioreal2 Thanks but I forgot to ask, what type of switch do you have? Make/Model would help in identifying the available configuration options.
 
Last edited by a moderator:
Thanks for your reply. Yes, you are right. The ISP provides Internet and IPTV via FTTH using 2 vlans on WAN interface (6 for internet and 2 for IPTV). It is not my case but normally they provide a third vlan on WAN for VoIP (vlan3). vlan6 is configured in the LAN-IPTV menu (see picture)

Thanks !!
Cheers

Here you go:
* Backup your current nvram/jffs using @john9527 nvram save/restore utility @ http://smallnetbuilderforums.com/threads/user-nvram-save-restore-utility-r21.19521/
** Reboot once you have completed all steps and after connecting the second cable


STEP 1 - NVRAM Edits
Code:
nvram set vlan4ports="3 5t"
nvram set vlan5ports="4 5t"
nvram set vlan4hwname=et0
nvram set vlan5hwname=et0
nvram commit

STEP 2 - service-start Edits (append)
Code:
sleep 2s
# Logger Services
logger -t "($(basename $0))" $$ SERVICES-START being started....

logger -t "($(basename $0))" $$ Bonding ports 3 and 4 commencing....
# Pre-Bonding
robocfg vlan 1 ports "1 2 5*"

# Bonding
sleep 2s
modprobe bonding
# Setting mode to 802.3ad
echo 802.3ad > /sys/class/net/bond0/bonding/mode
# Setting LACP rate to fast
echo fast > /sys/class/net/bond0/bonding/lacp_rate
# Setting MII monitoring interval to 50
echo 50 > /sys/class/net/bond0/bonding/miimon
# Setting xmit hash policy to layer3+4
echo 1 > /sys/class/net/bond0/bonding/xmit_hash_policy
ip link set bond0 up
echo +vlan4 > /sys/class/net/bond0/bonding/slaves
echo +vlan5 > /sys/class/net/bond0/bonding/slaves
brctl addif br0 bond0

# Post-Bonding
sleep 2s
logger -t "($(basename $0))" $$ Bonding Status....
cat /proc/net/bonding/bond0 | sed 's/^/+++  /' | logger

STEP 3 - firewall-script Edits
Code:
#!/bin/sh
# Bonding IPtables rules
iptables -I INPUT -i vlan4 -j ACCEPT
iptables -I INPUT -i vlan5 -j ACCEPT
iptables -I INPUT -i bond0 -j ACCEPT

# Firewall/IPtables Performance Tweak for Bond0 to be placed right after the above bonding rules and before your custom rules - if any.
iptables -D INPUT `iptables --line-numbers -nL INPUT | grep ESTABLISHED | tail -n1 | awk '{print $1}'`
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

STEP 4 - Switch config
-Enable Lag/LACP profile for the switch ports that are connected to ports 3 and 4 of the router with LAG Type - LACP and Hash Algorithm - SRC MAC + DST MAC

According to the user manual of your switch
- It’s not suggested to add the ports with ARP Inspection and DoS Defend enabled to the LAG.
- The ports, which are enabled for the half-duplex,Port Security,Port Mirror,MAC Address,Filtering,Static MAC Address Binding and 802.1X Authentication, cannot be added to the LAG.

Report back with the outputs of:
*** Run the ping command on a laptop/desktop, connected via Wifi and a second time via an ethernet cable connected to a regular port on the switch (switch's default vlan should be 1)

1. robocfg show
2. brctl show
3. ifconfig
4. nvram show | grep -E 'vlan|et0|devs'
5. iptables -L INPUT -vn
6. ping -c 5 192.168.1.1 && ping -c 5 10.76.90.111 && ping -c 5 10.64.0.1 && ping -c 5 172.26.0.1 && ping -c 5 172.23.0.1 && ping -c 5 8.8.8.8 && ping -c 5 google.com
 
Here you go:
* Backup your current nvram/jffs using @john9527 nvram save/restore utility @ http://smallnetbuilderforums.com/threads/user-nvram-save-restore-utility-r21.19521/
** Reboot once you have completed all steps and after connecting the second cable


STEP 1 - NVRAM Edits
Code:
nvram set vlan4ports="3 5t"
nvram set vlan5ports="4 5t"
nvram set vlan4hwname=et0
nvram set vlan5hwname=et0
nvram commit

STEP 2 - service-start Edits (append)
Code:
sleep 2s
# Logger Services
logger -t "($(basename $0))" $$ SERVICES-START being started....

logger -t "($(basename $0))" $$ Bonding ports 3 and 4 commencing....
# Pre-Bonding
robocfg vlan 1 ports "1 2 5*"

# Bonding
sleep 2s
modprobe bonding
# Setting mode to 802.3ad
echo 802.3ad > /sys/class/net/bond0/bonding/mode
# Setting LACP rate to fast
echo fast > /sys/class/net/bond0/bonding/lacp_rate
# Setting MII monitoring interval to 50
echo 50 > /sys/class/net/bond0/bonding/miimon
# Setting xmit hash policy to layer3+4
echo 1 > /sys/class/net/bond0/bonding/xmit_hash_policy
ip link set bond0 up
echo +vlan4 > /sys/class/net/bond0/bonding/slaves
echo +vlan5 > /sys/class/net/bond0/bonding/slaves
brctl addif br0 bond0

# Post-Bonding
sleep 2s
logger -t "($(basename $0))" $$ Bonding Status....
cat /proc/net/bonding/bond0 | sed 's/^/+++  /' | logger

STEP 3 - firewall-script Edits
Code:
#!/bin/sh
# Bonding IPtables rules
iptables -I INPUT -i vlan4 -j ACCEPT
iptables -I INPUT -i vlan5 -j ACCEPT
iptables -I INPUT -i bond0 -j ACCEPT

# Firewall/IPtables Performance Tweak for Bond0 to be placed right after the above bonding rules and before your custom rules - if any.
iptables -D INPUT `iptables --line-numbers -nL INPUT | grep ESTABLISHED | tail -n1 | awk '{print $1}'`
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

STEP 4 - Switch config
-Enable Lag/LACP profile for the switch ports that are connected to ports 3 and 4 of the router with LAG Type - LACP and Hash Algorithm - SRC MAC + DST MAC

According to the user manual of your switch
- It’s not suggested to add the ports with ARP Inspection and DoS Defend enabled to the LAG.
- The ports, which are enabled for the half-duplex,Port Security,Port Mirror,MAC Address,Filtering,Static MAC Address Binding and 802.1X Authentication, cannot be added to the LAG.

Report back with the outputs of:
*** Run the ping command on a laptop/desktop, connected via Wifi and a second time via an ethernet cable connected to a regular port on the switch (switch's default vlan should be 1)

1. robocfg show
2. brctl show
3. ifconfig
4. nvram show | grep -E 'vlan|et0|devs'
5. iptables -L INPUT -vn
6. ping -c 5 192.168.1.1 && ping -c 5 10.76.90.111 && ping -c 5 10.64.0.1 && ping -c 5 172.26.0.1 && ping -c 5 172.23.0.1 && ping -c 5 8.8.8.8 && ping -c 5 google.com

WOW, I must say THANK YOU for your kind support. I won't be able to test it today but I hope tomorrow and I will post the outputs afterwards.

Cheers
 
Here we go. I followed your instructions a here are the outputs. Issues I noticed are that, I cannot access IPTV services; from router WiFi I access internet normally but from a WiFi access point connected to the switch sometimes fails to access.

1. robocfg show

Switch: enabled
Port 0: 1000FD enabled stp: none vlan: 2 jumbo: off mac: 00:16:c7:58:66:c0
Port 1: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 2: DOWN enabled stp: none vlan: 1 jumbo: off mac: 00:00:00:00:00:00
Port 3: 1000FD enabled stp: none vlan: 4 jumbo: off mac: 00:11:32:36:9d:91
Port 4: 1000FD enabled stp: none vlan: 5 jumbo: off mac: e8:de:27:7d:54:7c
Port 8: DOWN enabled stp: none vlan: 2 jumbo: off mac: 00:00:00:00:00:00
VLANs: BCM5301x enabled mac_check mac_hash
1: vlan1: 1 2 5t
2: vlan2: 0t 5t
4: vlan4: 3 5t
5: vlan5: 4 5t
6: vlan6: 0t 5t
56: vlan56: 0 3t 4 5t 7 8t
57: vlan57: 2 5t
58: vlan58: 1t 7 8t
59: vlan59: 1t 3t 4 7
60: vlan60: 1t 2 4
61: vlan61: 1t 3t 4 5 8t
62: vlan62: 1 2t 4 7t

2. brctl showbridge name bridge id STP enabled interfaces

br0 8000.f0795976b420 yes vlan1
eth1
eth2
bond0

3. ifconfig

bond0 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:7151688 errors:0 dropped:0 overruns:0 frame:0
TX packets:4178964 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7822853413 (7.2 GiB) TX bytes:981614824 (936.1 MiB)

br0 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4835697 errors:0 dropped:0 overruns:0 frame:0
TX packets:4163021 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4967824189 (4.6 GiB) TX bytes:966263041 (921.5 MiB)

eth0 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:38664508 errors:0 dropped:0 overruns:0 frame:0
TX packets:11351041 errors:117 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2739869094 (2.5 GiB) TX bytes:371033443 (353.8 MiB)
Interrupt:179 Base address:0x4000

eth1 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:36673 errors:0 dropped:0 overruns:0 frame:50657
TX packets:168665 errors:4 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:39081021 (37.2 MiB) TX bytes:85952518 (81.9 MiB)
Interrupt:163

eth2 Link encap:Ethernet HWaddr F0:79:59:76:B4:24
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:896 errors:0 dropped:0 overruns:0 frame:825
TX packets:108861 errors:6 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:147078 (143.6 KiB) TX bytes:13933565 (13.2 MiB)
Interrupt:169

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:370 errors:0 dropped:0 overruns:0 frame:0
TX packets:370 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:47093 (45.9 KiB) TX bytes:47093 (45.9 KiB)

ppp0 Link encap:point-to-Point Protocol
inet addr:79.145.180.72 P-t-P:80.58.67.176 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:4172709 errors:0 dropped:0 overruns:0 frame:0
TX packets:7030064 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:962614557 (918.0 MiB) TX bytes:3544638992 (3.3 GiB)

vlan1 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:108853 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:13304732 (12.6 MiB)

vlan2 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
inet addr:10.76.90.111 Bcast:10.127.255.255 Mask:255.192.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:27334541 errors:0 dropped:0 overruns:0 frame:0
TX packets:24169 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:36190436343 (33.7 GiB) TX bytes:1583351 (1.5 MiB)

vlan4 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:7071583 errors:0 dropped:0 overruns:0 frame:0
TX packets:2885662 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7813462768 (7.2 GiB) TX bytes:555526640 (529.7 MiB)

vlan5 Link encap:Ethernet HWaddr F0:79:59:76:B4:20
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:80105 errors:0 dropped:0 overruns:0 frame:0
TX packets:1293302 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:9390645 (8.9 MiB) TX bytes:426088184 (406.3 MiB)

vlan6 Link encap:Ethernet HWaddr 00:11:32:36:9D:91
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4178278 errors:0 dropped:0 overruns:0 frame:0
TX packets:7039055 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1012692206 (965.7 MiB) TX bytes:7946039200 (7.3 GiB)

4. nvram show | grep -E 'vlan|et0|devs'et0macaddr=F0:79:59:76:B4:20


vlan4ports=3 5t
et0mdcport=0
vlan2ports=0 5u
wan0_ifname=vlan6
wl0_vlan_prio_mode=off
vlan2hwname=et0
vlan5hwname=et0
wl_vlan_prio_mode=off
size: 48643 bytes (16893 left)
lan_ifnames=vlan1 eth1 eth2
vlan5ports=4 5t
wan_ifnames=vlan6
vlan1hwname=et0
vlan1ports=1 2 3 4 5*
wandevs=et0
vlan4hwname=et0
et0phyaddr=30
landevs=vlan1 wl0 wl1
wl1_vlan_prio_mode=off

5. iptables -L INPUT -vnChain INPUT (policy ACCEPT 0 packets, 0 bytes)


pkts bytes target prot opt in out source destination
18070 3110K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT all -- bond0 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- vlan5 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- vlan4 * 0.0.0.0/0 0.0.0.0/0
27M 36G ACCEPT udp -- vlan2 * 0.0.0.0/0 224.0.0.0/4 udp
536 19296 ACCEPT 2 -- vlan2 * 0.0.0.0/0 224.0.0.0/4
4 124 DROP icmp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 icmptype 8
2319 153K DROP all -- ppp0 * 0.0.0.0/0 0.0.0.0/0 state INVALID
249 30001 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 state NEW
40895 7206K ACCEPT all -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
19 832 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.1 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.1.1 tcp dpt:8443
0 0 ACCEPT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:24
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8
7150 436K DROP all -- * * 0.0.0.0/0 0.0.0.0/0

6. ping -c 5 192.168.1.1 && ping -c 5 10.76.90.111 && ping -c 5 10.64.0.1 && ping -c 5 172.26.0.1 && ping -c 5 172.23.0.1 && ping -c 5 8.8.8.8 && ping -c 5 google.com

Ping Cable WiFi
192.168.1.1 OK OK
10.76.90.111 OK OK
10.64.0.1 FAIL FAIL
172.26.0.1 FAIL FAIL
172.23.0.1 FAIL FAIL
8.8.8.8 OK OK
google.com OK OK

Cheers!
 
@rioreal2 You're almost there! You can try the following to troubleshoot:

1. Verify all switch ports are untagged under VLAN membership / management
2. Change your xmit_hash_policy value to 0 in the services-start script ie. echo 0 > /sys/class/net/bond0/bonding/xmit_hash_policy - save, reboot then try pinging again
3. Try changing the hash mode for the LAG profile on the switch to SRC IP - DST IP
4. Were you able to ping 10.64.0.1, 172.26.0.1, 172.23.0.1 prior to enabling lag?
5. Provide output of 'cat /proc/net/bonding/bond0' and 'route -e'

Cheers
 
@rioreal2 You're almost there! You can try the following to troubleshoot:

1. Verify all switch ports are untagged under VLAN membership / management
2. Change your xmit_hash_policy value to 0 in the services-start script ie. echo 0 > /sys/class/net/bond0/bonding/xmit_hash_policy - save, reboot then try pinging again
3. Try changing the hash mode for the LAG profile on the switch to SRC IP - DST IP
4. Were you able to ping 10.64.0.1, 172.26.0.1, 172.23.0.1 prior to enabling lag?
5. Provide output of 'cat /proc/net/bonding/bond0' and 'route -e'

Cheers

Thanks and sorry to bother you so much. Here are the results to your questions:

1. All switch ports are untagged and memebers of just vlan1 except router WAN port and ONT port that are tagged and out of vlan1 but members of vlan2 and vlan6
2. Done but no change
3. Done but no change
4. Not sure, didn't try. But tried now traceroute (both from router and PC client wired to the switch) to 172.26.23.3 (DNS) and first hop is 10.64.0.1 and next 172.26.228.177 so 10.64.0.1 is reachable. The 172 addresses I think are not excatly real addresses but refers to IP ranges since in the script I had were specified as 172.26.0.0/16 and 172.23.0.0/16
5.
cat /proc/net/bonding/bond0
Ethernet Channel Bonding Driver: v3.7.0 (June 2, 2010)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2 (0)
MII Status: up
MII Polling Interval (ms): 50
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: fast
Aggregator selection policy (ad_select): stable
Active Aggregator Info:
Aggregator ID: 1
Number of ports: 2
Actor Key: 5
Partner Key: 2908
Partner Mac Address: e8:de:27:7d:54:7c

Slave Interface: vlan4
MII Status: up
Link Failure Count: 0
Permanent HW addr: f0:79:59:76:b4:20
Aggregator ID: 1
Slave queue ID: 0

Slave Interface: vlan5
MII Status: up
Link Failure Count: 0
Permanent HW addr: f0:79:59:76:b4:20
Aggregator ID: 1
Slave queue ID: 0

route -e
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
80.58.67.176 * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
172.26.0.0 10.64.0.1 255.255.0.0 UG 0 0 0 vlan2
172.23.0.0 10.64.0.1 255.255.0.0 UG 0 0 0 vlan2
10.64.0.0 * 255.192.0.0 U 0 0 0 vlan2
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 176.Red-80-58-6 0.0.0.0 UG 0 0 0 ppp0

Thanks!
 
Thanks and sorry to bother you so much. Here are the results to your questions:

1. All switch ports are untagged and memebers of just vlan1 except router WAN port and ONT port that are tagged and out of vlan1 but members of vlan2 and vlan6
2. Done but no change
3. Done but no change
4. Not sure, didn't try. But tried now traceroute (both from router and PC client wired to the switch) to 172.26.23.3 (DNS) and first hop is 10.64.0.1 and next 172.26.228.177 so 10.64.0.1 is reachable. The 172 addresses I think are not excatly real addresses but refers to IP ranges since in the script I had were specified as 172.26.0.0/16 and 172.23.0.0/16
5.

Your link aggregation is working as expected. The issue lies with the vlan setup on the switch ports and not with the router/lacp bond.

Were you able to connect to the internet via the wifi access point (which is connected to the switch) after carrying out changes 2 and 3? If so, then stick with the changes. However, if you were still facing difficulties then make sure that the wifi access point is connected to an untagged switch port, revert change 2 and try again..

As for IPTV services - you will need to untag all switch ports or create some sort of a trunk with multiple vlans assigned for the ONT port ie. vlan2+vlan1 and vlan6+vlan1 for the WAN port... as vlan1 which is assigned to br0 already interfaces with bond0 (vlan4+vlan5) on the router/switch but are untagged on the switch - makes sense?
 
Your link aggregation is working as expected. The issue lies with the vlan setup on the switch ports and not with the router/lacp bond.

Were you able to connect to the internet via the wifi access point (which is connected to the switch) after carrying out changes 2 and 3? If so, then stick with the changes. However, if you were still facing difficulties then make sure that the wifi access point is connected to an untagged switch port, revert change 2 and try again..

As for IPTV services - you will need to untag all switch ports or create some sort of a trunk with multiple vlans assigned for the ONT port ie. vlan2+vlan1 and vlan6+vlan1 for the WAN port... as vlan1 which is assigned to br0 already interfaces with bond0 (vlan4+vlan5) on the router/switch but are untagged on the switch - makes sense?

Thanks once again!

WiFi access point solved by rebooting it. Now seems to work stable with first config provided.

As for IPTV, it was working before bonding LAN ports of the router. Switch vlans are configured in the following way:
- vlan 2 and 6 with only members ONT and router WAN port in TRUNK mode and tagged. PVID 2
- vlan 1 with all ports (except ONT and router WAN) in access mode untagged including the 2 bonded router LAN ports, wifi AP, NAS, PCs, IPTV decoder, ... PVID 1

With this config before bonding (with single LAN router port configured as rest of devices in vlan 1) IPTV was working either on decoder and IPTV PC clients but now I am no able to make work.

What do you think about the switch VLAN config? My doubt is also related to the PVID concept...
 
Thanks once again!

WiFi access point solved by rebooting it. Now seems to work stable with first config provided.

As for IPTV, it was working before bonding LAN ports of the router. Switch vlans are configured in the following way:
- vlan 2 and 6 with only members ONT and router WAN port in TRUNK mode and tagged. PVID 2
- vlan 1 with all ports (except ONT and router WAN) in access mode untagged including the 2 bonded router LAN ports, wifi AP, NAS, PCs, IPTV decoder, ... PVID 1

With this config before bonding (with single LAN router port configured as rest of devices in vlan 1) IPTV was working either on decoder and IPTV PC clients but now I am no able to make work.

What do you think about the switch VLAN config? My doubt is also related to the PVID concept...

You're welcome... you may need to change the config type of the 2 ports used in your LAG/LACP profile to tagged trunk ports. You can learn more about your switch's pvid/vlan mgmt features by going over the user guide.
 
Please tell me, if done correctly, should the device operate for 3 or 4 port if it's connected to one cable?
 
Please tell me, if done correctly, should the device operate for 3 or 4 port if it's connected to one cable?

If I understood you correctly, your question was whether you can run a LAG setup with 1 cable connected to either ports 3 or 4. If so, yes, it should work fine but without the aggregated bandwidth as you only have 1 link up. LAG/LACP features increased throughput and failover protection.
 
Is it possible to add some explaination on how could i do aggreg with R7000 with asuswrt ? Some things are differents. Thanks.
 
Many thanks to AtAM1 who tried valiantly to help me set up Lagg on my 87u.
Ultimately it didn't work but I'm suspicious if it may not have been something I did, so I would suggest that AtAM1 might be able to pull it off with someone slightly more clued up than myself.
Ultimately I sent the 87u back and upgraded to the much better ac3200, which AtAM1 kindly helped me yesterday get Lagg set up and working on.
So that's another one off the list!
Well done AtAM1!

Interested to see your proposed Lagg FW project with Hggomes.
Many thanks to Hggomes too for his ongoing support and excellent branch of Merlin!
 
Hi there guys,

I'm new to the whole 802.3ad link aggregation thing, I have some knowledge in network administration but never had the chance to work with it.
Anyway, I have an AC87U wireless router and a HP Gen8 Microserver that is running Xpenology 5.2.
I want to make it work on 802.3ad load balancing mode, but I never tweaked ASUSWRT or another router for that matter.
So that being said, can please someone point me to an EXACT tutorial or step by step how to do it on my router ?
Right now I'm using hhgomes FW but I can change it to Rmerlin's FW if it doesn't work :)

Thanks a lot !
A.
 
Thanks @AtAM1 for this howto. It works on my RT-AC68U but with slight changes:
instead of setting bonding parameters after modprobe I set them at the same time of modprobe:
Code:
modprobe bonding mode=802.3ad miimon=50 lacp_rate=fast xmit_hash_policy=1
Another change is: I make vlan5 and vlan4 down before adding them to slaves and then making them up after it:
Code:
ip link set vlan4 down                           
ip link set vlan5 down                           
echo +vlan4 > /sys/class/net/bond0/bonding/slaves
echo +vlan5 > /sys/class/net/bond0/bonding/slaves
ip link set vlan4 up  
ip link set vlan5 up
Without these two changes original scripts won't work for me.
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top