Setting up Network Channel Bonding (Load Balancing / Active-Standby) on Red Hat

Notice: The article is for Red Hat Enterprise Linux (RHEL) 5.7 and 6.2. It may also suitable for other newer version of Red Hat.

This article is inspired by this article.

Situation

  • You have a fresh installed server running RHEL
  • The server has two Ethernet interface eth0 and eth1
  • The server has no bond device set up before
  • You want to configure eth0 and eth1 to be load balancing or active-standby
  • You will use static IP for the network connection

Step 1: Add a bond device configuration file

2012-06-11 Edit 1: Till now I am still wondering if MACADDR or HWADDR should be specified in the configuration file because in sample configuration file in the Red Hat official document here it does not contain such fields. At this stage I would recommend not specifying both MACADDR and HWADDR unless you run into physical address conflict problem.

2012-06-11 Edit 2: After going through the official Red Hat document for RHEL5 here, the correct way to specify the bonding options should be inside the ifcfg-bond0 file.

Create a new file in:

/etc/sysconfig/network-scripts/ifcfg-bond0

with the following content:
For MAC address, please assign a value on your own so that it won’t conflict with other MAC address on the network. The main reason why MAC address needed to specified is that bond0 by default will use the hardware address of eth0. When eth1 is down, the hardware address of eth0 will conflict with the MAC address of bond0, which we don’t want to see. Please notice that it should be MACADDR but not HWADDR in the bond configuration file.

DEVICE=bond0
ONBOOT=yes
BOOTPROTO=none
MACADDR=A1:B8:E8:08:5E:FD
IPADDR=192.168.0.30
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
USERCTL=no
BONDING_OPTS="mode=balance-alb miimon=100"

Remember to replace the value for IP address, netmask and gateway.

For active-standby channel bonding, you should use the following instead:

mode=active-backup miimon=100

The miimon options is to enable monitoring of the link status. You may refer to the Red Hat official documentation here or another reference here for more parameters and options available for configuration.

For RHEL6, you may also want to include the following line in the file to avoid getting the error Device not managed by NetworkManager when activating the interface.

NM_CONTROLLED=no

Step 2: Modify existing Ethernet device configuration files

2012-06-11 Edit 3: See 2012-06-11 Edit 1 for the reason of removing the line HWADDR.

Modify the configuration file. Remember to replace the HWADDR with the original hardware address from the Ethernet interface.

Modify the file

/etc/sysconfig/network-scripts/ifcfg-eth0

with the following content:

DEVICE=eth0
BOOTPROTO=none
HWADDR=6C:54:82:06:27:A6
ONBOOT=yes
USERCTL=no
MASTER=bond0
SLAVE=yes

Do the same for

/etc/sysconfig/network-scripts/ifcfg-eth1

with the following:

DEVICE=eth1
BOOTPROTO=none
HWADDR=35:52:AB:59:AB:64
ONBOOT=yes
USERCTL=no
MASTER=bond0
SLAVE=yes

For RHEL6, you may also want to include the following line in the file to avoid getting the error Device not managed by NetworkManager when activating the interface.

NM_CONTROLLED=no

Step 3: Configure bond module

2012-06-11 Edit 4: See 2012-06-11 Edit 2 for the reason why option bond0 is deleted.

For RHEL5, append to file:

/etc/modprobe.conf

For RHEL6, create a file:

/etc/modprobe.d/bonding.conf

with the following one line two lines:

For load balancing:

alias bond0 bonding
options bond0 mode=balance-alb miimon=100

For active-standby:

alias bond0 bonding
options bond0 mode=active-backup miimon=100

The miimon options is to enable monitoring of the link status. You may refer to here for more parameters and options available for configuration.

Step 4: Enable bonding module

To enable bonding module, simply restart your server or execute the two commands

modprobe -v bonding

service network restart

Step 5: Check the status of bonding channel

Execute the command

cat /proc/net/bonding/bond0

to check the status. Below is the sample output:

Bonding Mode: load balancing (round-robin)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 200
Down Delay (ms): 200

Slave Interface: eth0
MII Status: up
Link Failure Count: 0
Permanent HW addr: 6c:54:82:06:27:a6

Slave Interface: eth1
MII Status: up
Link Failure Count: 0
Permanent HW addr: 35:52:ab:59:ab:64

The channel bonding has been set up and running. However if you are setting up a new server you might be interested in setting up your DNS as well.

Extra Step 1: Set up DNS

Edit the file

/etc/resolv.conf

and append a line prefixed with nameserver for each DNS server. Remember to replace the IP of the DNS server.

nameserver 8.8.8.8

Extra step 2: Checking if DNS working

Simply execute command like

ping www.google.com

and see if the it is successfully resolved into IP address for ping. You should see something like this.

[root@server ~]# ping www.google.com
PING www.l.google.com (72.14.203.99) 56(84) bytes of data.

Note: Problem with MAC address flip flopping with load balancing

If you are using the load balancing channel bonding, your router may complaint that the MAC address is flip flopping because the same MAC address is appearing in two different links. If the use of load balancing is purely for redundancy, consider using active standby mode. If not, most likely you have to work on your router configuration.

Advertisements

Which Network Script to Maintain Manually on Red Hat?

If you have notice, there are actually three network scripts on Red Hat.

[root@server ~]# locate ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/networking/devices/ifcfg-eth0
/etc/sysconfig/networking/profiles/default/ifcfg-eth0

So which file should we edit and maintain if we want to make changes?

After digging into the Internet, I found some useful information here which lead me to here, which stated that:

/etc/sysconfig/networking/

This directory is used by the Network Administration Tool (system-config-network), and its contents should not be edited manually. For more information about configuring network interfaces using the Network Administration Tool, refer to Chapter 7, NetworkManager.

So the answer is, you should only manually edit and maintain network script in /etc/sysconfig/network-script.

“no link present. Check cable?” when using DHCP on Linux

Solution

Not guarantee to work. Add the following lines of code to the configuration file at /etc/sysconfig/network-scripts/ifcfg-ethx, where x = 0, 1, 2 depending on which Ethernet interface you use.

check_link_down() {
    return 1;
}

Reason

If you are sure the Ethernet cable is connected correctly, it maybe cause by the Ethernet device itself. On some Ethernet device, when the Ethernet device is activating it seems causing the device on the other end of the Ethernet cable to shutdown and restart as well. You will notice the LED light on the other side is turned off. The problem is that the OS check if the link is down when the other side of the device is still restarting, which is surely result in no link present.

Setting up Red Hat Enterprise Linux 5.7 with 802.1x Authentication and Proxy

Background

To set up Red Hat Enterprise Linux Server 5.7 in office network with 802.1x authentication and proxy setting.

Problems & Solution

How to set 802.1x authentication? The 802.1x tab is grey out!

In the System -> Preferences -> More Preferences -> Network Connections, under the Wired tab, add a new connection. You should be able to configure 802.1x tab.

Red Hat Enterprise Linux 5.7 Network Connections

802.1x authentication Tab

The server cannot connect to the network with 802.1x authentication

To connect to the network with 802.1x authentication enabled, click on the nm-applet icon in the notification bar, and select the network connection created.

nm-applet Icon

But I cannot find the “nm-applet” icon!

By default, the Network Manager service is not running. Start the Network Manager service and you should be able to see the nm-applet icon on the notification bar.

NetworkManager Service

How to set proxy?

You may append the proxy setting to the file /etc/environment. Example of proxy setting are:

export http_proxy='http://my.proxy/'
export https_proxy='https://my.proxy/'

“yum update” returns HTTP 400 Bad Request using proxy

It seems that it is a bug in the urlgrabber module. Perform yum update once without proxy to update the package on the server and will solve the problem.

How to lock screen to prevent others seeing my password used in 802.1x connection?

Just press Ctrl+Alt+L. Remember you cannot lock screen if you are using the root account.