Aggregate internet links with mlvpn

In this article I'll explain how to aggregate internet access bandwidth using

how-to.

Pre-requisites

with variable bandwidth or packet loss.

access and on the client on which you want to aggregate the links, this is like setting up multiple VPNs to the same remote server, with one VPN per link, and aggregating them.

A multi-WAN round-robin / load balancer setup doesn't let you stack bandwidth, but it doesn't require a remote server. Depending on what you want to do, this may be enough and mlvpn may not be required.

between two OpenBSD hosts, your setup may differ.

Some network diagram

Here is a simple network: the client has access to 2 ISPs through two Ethernet interfaces.

em0 and em1 will have to be on different rdomains (it's a feature to separate routing tables).

Let's say the public ip of the server is 1.2.3.4.

                [internet]
                    | (public ip on em0)
             #-------------#
             |             |
             |   Server    |
             |             |
             #-------------#
                |       |
                |       |
                |       |
                |       |
    (internet)  |       | (internet)
    #-------------#   #-------------#
    |             |   |             |
    |   ISP 1     |   |  ISP 2      |
    |             |   |             |  (you certainly don't control those)
    #-------------#   #-------------#
                |       |
                |       |
  (dsl1 via em0)|       | (dsl1 via em1)
             #-------------#
             |             |
             |   Client    |
             |             |
             #-------------#

Network configuration

As said previously, em0 and em1 must be on different rdomains. This is easily done by adding rdomain 1 and rdomain 2 to the interface configurations.

Example in /etc/hostname.em0

rdomain 1
dhcp

mlvpn installation

On OpenBSD the installation is as easy as pkg_add mlvpn (should work starting from 6.7 because it required patching).

mlvpn configuration

Once the network configuration is done on the client, there are 3 steps to do to get aggregation working:

  1. mlvpn configuration on the server
  2. mlvpn configuration on the client
  3. activating NAT on the client

Server configuration

On the server we will use the UDP ports 5080 and 5081.

Connection speeds must be defined in bytes to allow mlvpn to correctly balance the traffic over the links. This is really important.

The line bandwidth_upload = 1468006 is the maximum **download bandwidth of the client** on the specified link in bytes. If you have a download speed of 1.4 MB/s then you can choose a value of 1.4*1024*1024 => 1468006.

The line bandwidth_download = 102400 is the maximum **upload bandwidth of the client** on the specified link in bytes. If you have an upload speed of 100 kB/s then you can choose a value of 100*1024 => 102400.

The password line must be a very long random string: it is a shared secret between the client and the server.

# config you don't need to change
[general]
statuscommand = "/etc/mlvpn/mlvpn_updown.sh"
protocol = "tcp"
loglevel = 4
mode = "server"
tuntap = "tun"
interface_name = "tun0"
cleartext_data = 0
ip4 = "10.44.43.2/30"
ip4_gateway = "10.44.43.1"

# things you need to change
password = "apoziecxjvpoxkvpzeoirjdskpoezroizepzdlpojfoiezjrzanzaoinzoi"

[dsl1]
bindhost = "1.2.3.4"
bindport = 5080
bandwidth_upload = 1468006
bandwidth_download = 102400

[dsl2]
bindhost = "1.2.3.4"
bindport = 5081
bandwidth_upload = 1468006
bandwidth_download = 102400
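
The sizing and shared-secret rules above, as an added shell example that is not part of the original article or of mlvpn: `to_bytes`, `gen_secret` and `server_link` are hypothetical helper names, and the `K`/`M` suffixes are this example's own convention. It draws the password from the kernel random source instead of typing it by hand, and swaps the two bandwidth values the way the server side expects.

```shell
#!/bin/sh
# Added example: helpers for filling in the server-side link sections.
# Helper names and the K/M suffix convention are assumptions of this example.

# Convert a speed such as "1.4M" or "100K" (1024-based, as in the article)
# to a whole number of bytes; fractions are truncated. Rejects other input.
to_bytes() {
    echo "$1" | awk '
        /^[0-9]+(\.[0-9]+)?[KkMm]?$/ {
            n = $0; mult = 1
            if (n ~ /[Kk]$/) mult = 1024
            if (n ~ /[Mm]$/) mult = 1024 * 1024
            sub(/[KkMm]$/, "", n)
            printf "%d\n", n * mult
            ok = 1
        }
        END { exit (ok ? 0 : 1) }'
}

# Print a shared secret built from $1 random bytes (default 32) read from
# /dev/urandom, hex-encoded so it needs no escaping inside the quotes.
gen_secret() {
    dd if=/dev/urandom bs="${1:-32}" count=1 2>/dev/null |
        od -An -tx1 | tr -d ' \n'
}

# Print one server-side link section.
# Arguments: name, bind address, port, client download, client upload.
# On the server, bandwidth_upload is the client's download speed and
# bandwidth_download is the client's upload speed, hence the swap.
server_link() {
    down=$(to_bytes "$4") && up=$(to_bytes "$5") || return 1
    printf '[%s]\nbindhost = "%s"\nbindport = %d\n' "$1" "$2" "$3"
    printf 'bandwidth_upload = %d\nbandwidth_download = %d\n' "$down" "$up"
}

# Example use with the article's values (output file name is constructed):
#   umask 077    # the file will contain the shared secret
#   {
#       printf 'password = "%s"\n\n' "$(gen_secret)"
#       server_link dsl1 1.2.3.4 5080 1.4M 100K
#   } > server-links.conf
```

The same password string has to be copied to the client configuration, so generate it once and transfer it over a channel you trust.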

Client configuration

The password value must match the one on the server, the values of ip4 and

Original URL
gemini://perso.pw/blog//articles/mlvpn.gmi