Bonding, VLAN and VXLAN
LoadMaster bonding/Virtual LAN (VLAN) tagging can be easily set up and configured using the LoadMaster Web User Interface (WUI). Successful deployment requires that the pre-requisites have been satisfied.
The LoadMaster also supports Virtual Extensible LAN (VXLAN) and VXLAN Tunnel Endpoint (VTEP) capabilities. LoadMasters have the ability to proxy across VXLAN to non-VXLAN networks.
VXLAN is an overlay technology that encapsulates MAC frames at Layer 2 into a UDP header providing a way for multi-tenant "cloud" networks to span large networks. It is an overlay network in that it allows the creation of Layer 2 networks on top of Layer 3 networks. Communication is established between two or multiple tunnel end points called VTEPs which encapsulate Virtual Machine traffic in a VXLAN header as well as stripping the encapsulation off to present it to the destination Virtual Machine with the original Layer 2 packet. This allows Virtual Machine communication across subnets without the use of a Layer 3 router to bridge the segments via tunnelling.
This guide is designed to introduce interface bonding, VLAN and VXLAN configuration on the LoadMaster. Bonding support is available with all network modules.
The switch being used must be compatible with:
- IEEE 802.1Q
- IEEE 802.1AX/IEEE 802.3ad/LACP
It is not possible to bond interfaces on Azure or Amazon Web Services (AWS) LoadMasters.
Enabling the Active-Backup mode generally does not require switch intervention and can be configured directly on the LoadMaster. Using the 802.3ad bonding mode will require configuring a link aggregation group on the switch in conjunction with the LoadMaster. Please read your switch documentation to establish the corresponding team/bond. Common terms for link aggregation include "Ethernet trunk", "NIC teaming", "port channel", "port teaming", "port trunking", "link bundling", "EtherChannel", "Multi-Link Trunking (MLT)", "NIC bonding", "Network Fault Tolerance (NFT)" and "LAG".
When enabling VLAN trunking on the switch port, make sure to configure the port to support the appropriate mode; General; Access or Trunking. Descriptions are as follows, but please check your switch documentation for specifics:
General -- The port belongs to VLANs, and each VLAN is user-defined as tagged or untagged (full 802.1Q mode)
Access -- The port belongs to a single untagged VLAN
Trunk -- The port belongs to VLANs in which all ports are tagged
This document is intended to be read by anyone, specifically network administrators, who have an interest in finding out about bonding, VLAN and VXLAN configuration on the LoadMaster.
Published with LMOS version 126.96.36.199 LTS. This document has not required substantial changes since 188.8.131.52 LTS. However, the content is in sync with the latest LoadMaster LTS firmware.
There are a few key points to keep in mind when creating bonds/teams:
Interface bonding on the LoadMaster is supported in Azure, but bonding on the Azure switches is not
You can only bond interfaces higher than the parent. For example, if you start with port 10 you can only add ports 11 and greater.
When using a Virtual LoadMaster (VLM), all NICs must be added prior to configuring bonding or adding VLANs. If a new NIC is needed you must remove the bond and/or remove the VLANs.
If VLAN tagging is required, bond the links first and then add VLANs after the bond has been configured
Bonding interfaces 0 and 1 is not permitted
You should never bond all interfaces
In order to add a link to a bonded interface, any IP addressing must first be removed from the link to be added. The NIC to be added to the initial interface must not have an IP address.
Enabling the Active-Backup mode generally does not require switch intervention
The 802.3ad mode is an active-active setup
Ensure that all bonded interfaces are configured for the same link speed, both on the switch and the LoadMaster
If you want to bond port 0, you should strongly consider moving the web administrative interface and/or the remote SSH access to a different port temporarily until that bonding has been completely configured
To create a bond/team, follow the steps below:
1. In the main menu of the WUI, navigate to System Configuration > Network Setup > Interfaces.
2. Click the link for the relevant interface.
3. Click Interface Bonding.
4. Click Create a bonded interface.
5. Click OK.
6. Click OK again.
7. Click Continue.
8. In the main menu, select System Configuration > Network Setup > Interfaces and click the bnd link.
9. Click Bonded Devices.
10. Select the relevant interface and click Add Link.
To remove a bond/team, follow the steps below:
1. In the main menu of the LoadMaster WUI, go to System Configuration > Network Setup > Interfaces.
2. Select the bond to be removed.
3. Click Bonded Devices.
4. Un-bind each port by clicking the Unbind Port button. Repeat this until all ports are removed from the bond.
5. Once all of the child ports have been un-bonded, the parent port can be unbonded by clicking Unbond.
6. Click Continue.
Things to keep in mind:
Configure VLAN tagging on the switch first, if required
Start by deciding if you need bonding. If you do, first establish the bonded configuration. Then, proceed by adding the VLAN tagging information.
VLANs can be added to physical interfaces or bonded interfaces
The VLAN interface IP address cannot be in the same subnet as the VXLAN interface
To add a VLAN, follow the steps below:
1. In the main menu of the WUI, go to System Configuration > Network Setup > Interfaces.
2. Click the relevant interface.
3. Click VLAN Configuration.
4. Enter the VLAN Id and click Add New VLAN.
5. Click Continue.
6. Repeat as needed.
To view the VLANs, in the main menu of the WUI, select System Configuration > Network Setup > Interfaces and expand the drop-down list.
Before removing a VLAN, please ensure that the interface is not being used for other purposes, for example as a multicast interface, WUI interface, SSH interface or a GEO interface.
Repeat as needed. To view the VLANs select the System Configuration > Network Setup > Interfaces menu option and select the appropriate VLAN ID from the drop-down list.
There are a few key points to keep in mind when creating a VXLAN:
VXLANs can be added to physical interfaces as well as bonded interfaces
It is possible to create a VLAN on top of a VXLAN
IPv6 is not supported for VXLAN
VXLAN is not supported when LoadMaster clustering is configured
VXLANs use UDP destination port 8472
The VXLAN interface IP address cannot be in the same subnet as the VLAN interface.
To add a VXLAN to an interface in the LoadMaster, follow the steps below:
1. In the main menu of the LoadMaster WUI, go to System Configuration > Network Setup and click the relevant interface link.
2. Click the VXLAN Configuration button.
3. Enter a new VXLAN Network Identifier (VNI).
4. Enter the multicast group IP address or remote end-point (VTEP) IP address (in the case of a unicast point-to-point VXLAN).
5. Click Add New VXLAN.
6. To configure the VXLAN, go to System Configuration > Network Setup and select the relevant VXLAN from the drop-down list.
7. Enter the address of the interface and click Set Address.
If configuring a VXLAN in a High Availability (HA) setup, you will also have to specify the HA Shared IP address, the HA Partner IP address and specify whether or not to use the interface for HA checks.
If required, a VLAN can be created on top of the VXLAN by clicking the VLAN Configuration button.
A VXLAN can only be deleted if there are no VLANs created on top of it and if there are no IP addresses assigned to the VXLAN. If a VLAN has been created on top of a VXLAN, first delete the VLAN and then you can delete the VXLAN.
To delete a VXLAN, follow the steps below:
1. In the main menu of the LoadMaster, go to System Configuration > Network Setup and select the relevant VXLAN from the drop-down list provided.
2. Click Delete this VXLAN, as shown in the screenshot above.
Web User Interface, Configuration Guide
This document was last updated on 22 March 2021.