Message ID | 20200614111705.481189-3-fabian@blaese.de |
---|---|
State | Accepted |
Headers | show |
diff --git a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard index 69a3d74..d95d522 100644 --- a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard +++ b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard @@ -126,7 +126,7 @@ configure() { babel_add_iifrules "$prefixname" || { echo "ERROR: Could not add iif-rules for wgpeer $name"; exit 1; } # add babel interface - babel_add_interface "$prefixname" "$prefixname" 'tunnel' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } + babel_add_interface "$prefixname" "$prefixname" 'wired' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } } config_load gateway
Hi, hat das irgendwelche Nachteile, außer dass dann die Einstellungen, die du hier als Nachteil beschreibst, eben nicht mehr/anders angewandt werden? (Ich verstehe das so, dass diese Settings eigentlich von Vorteil sein sollen, nur das für unseren Fall nicht sind?) Grüße Adrian > -----Original Message----- > From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On Behalf > Of Fabian Bläse > Sent: Sonntag, 14. Juni 2020 13:17 > To: franken-dev@freifunk.net > Subject: [PATCH] wireguard: Use babel type wired for wireguard babel > peers. > > The babel interface type 'tunnel' has some disadvantageous properties for > our network. > > First, babel tries to evaluate the tunnel performance using the rtt. However, > this makes the network quite unstable, as rtt might fluctuate a lot, especially > on less reliable connections (e.g. LTE). Instead of fully falling back to an > alternate route, this rtt evaluation leads to a lot of flapping routes. > Additionally, rtt evaluation changes the metric of routes quite often, which > leads to many unnessessary babel messages in our network. > > Also, babeld disables split-horizon processing on 'tunnel' interfaces per > default. > However, split-horizon processing can be done in our point-to-point tunnel > setup without any issues and has the advantage of significantly reduced > babel messages on a link with many uplink routes. > > Therefore, wireguard babel peers now use the interface type 'wired'. > > Signed-off-by: Fabian Bläse <fabian@blaese.de> > --- > src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > index 69a3d74..d95d522 100644 > --- a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > +++ b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > @@ -126,7 +126,7 @@ configure() { > babel_add_iifrules "$prefixname" || { echo "ERROR: Could > not add iif-rules for wgpeer $name"; exit 1; } > > # add babel interface > - babel_add_interface "$prefixname" "$prefixname" 'tunnel' > "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer > $name"; exit 1; } > + babel_add_interface "$prefixname" "$prefixname" 'wired' > "$rxcost" || > +{ echo "ERROR: Could not add babeld interface for wgpeer $name"; exit > +1; } > } > > config_load gateway > -- > 2.27.0
On 14.06.20 13:21, mail@adrianschmutzler.de wrote: > Hi, > > hat das irgendwelche Nachteile, außer dass dann die Einstellungen, die du hier als Nachteil beschreibst, eben nicht mehr/anders angewandt werden? (Ich verstehe das so, dass diese Settings eigentlich von Vorteil sein sollen, nur das für unseren Fall nicht sind?) Sollte keine weiteren Unterschied haben, außer die genannten. Split Horizon steht per default auf "auto", womit es für type wired aktiviert, für alle anderen types deaktiviert wird. Diese rtt-penalty war bestimmt gut gemeint, bei mir hat sich sich aber so gut wie immer als nachteilig herausgestellt. Split Horizon Processing ist immer von Vorteil, außer dort, wo man es nicht anwenden kann, weil ein Link nicht transitiv ist (z.B. 802.11s mit deaktiviertem HWMP oder IBSS, oder Tunnel, wo sich die Clients auf einem Tunnel gegenseitig *nicht* sehen). Gruß Fabian
Das heißt aber, effektiv ist „type“ dann nur eine Art meta-Setting, um verschiedene andere „Einstellungen“ gebündelt auszuwählen?
Ja. Das ganze ist erstmal auch babeld-spezifisch (bird hat die ursprünglichen Typen wired und wireless übernommen). Daher tauchen die types auch nicht im babel RFC auf. Gruß Fabian On 14.06.20 13:50, mail@adrianschmutzler.de wrote: > Das heißt aber, effektiv ist „type“ dann nur eine Art meta-Setting, um verschiedene andere „Einstellungen“ gebündelt auszuwählen? >
Hi, nach unserem aktuellen Kenntnisstand von babeld eine sinnvolle Änderung. Konnte auch schon sinnlos oszillierende Routen beobachten und meine Geräte sind deswegen schon länger auf wired gestellt. Reviewed-by: Johannes Kimmel <fff@bareminimum.eu> On 14.06.20 13:17, Fabian Bläse wrote: > The babel interface type 'tunnel' has some disadvantageous properties for > our network. > > First, babel tries to evaluate the tunnel performance using the rtt. However, > this makes the network quite unstable, as rtt might fluctuate a lot, especially > on less reliable connections (e.g. LTE). Instead of fully falling back to an alternate > route, this rtt evaluation leads to a lot of flapping routes. Additionally, rtt > evaluation changes the metric of routes quite often, which leads to many unnessessary > babel messages in our network. > > Also, babeld disables split-horizon processing on 'tunnel' interfaces per default. > However, split-horizon processing can be done in our point-to-point tunnel setup without > any issues and has the advantage of significantly reduced babel messages on a link with > many uplink routes. > > Therefore, wireguard babel peers now use the interface type 'wired'. > > Signed-off-by: Fabian Bläse <fabian@blaese.de> > --- > src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > index 69a3d74..d95d522 100644 > --- a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > +++ b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > @@ -126,7 +126,7 @@ configure() { > babel_add_iifrules "$prefixname" || { echo "ERROR: Could not add iif-rules for wgpeer $name"; exit 1; } > > # add babel interface > - babel_add_interface "$prefixname" "$prefixname" 'tunnel' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } > + babel_add_interface "$prefixname" "$prefixname" 'wired' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } > } > > config_load gateway
Hi, da vertraue ich einfach mal euren Tests. Meh kaputt geht nichts, ich habe die auch mit wired am laufen. Reviewed-by: Robert Langhammer <rlanghammer@web.de> Am 14.06.20 um 13:17 schrieb Fabian Bläse: > The babel interface type 'tunnel' has some disadvantageous properties for > our network. > > First, babel tries to evaluate the tunnel performance using the rtt. However, > this makes the network quite unstable, as rtt might fluctuate a lot, especially > on less reliable connections (e.g. LTE). Instead of fully falling back to an alternate > route, this rtt evaluation leads to a lot of flapping routes. Additionally, rtt > evaluation changes the metric of routes quite often, which leads to many unnessessary > babel messages in our network. > > Also, babeld disables split-horizon processing on 'tunnel' interfaces per default. > However, split-horizon processing can be done in our point-to-point tunnel setup without > any issues and has the advantage of significantly reduced babel messages on a link with > many uplink routes. > > Therefore, wireguard babel peers now use the interface type 'wired'. > > Signed-off-by: Fabian Bläse <fabian@blaese.de> > --- > src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > index 69a3d74..d95d522 100644 > --- a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > +++ b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > @@ -126,7 +126,7 @@ configure() { > babel_add_iifrules "$prefixname" || { echo "ERROR: Could not add iif-rules for wgpeer $name"; exit 1; } > > # add babel interface > - babel_add_interface "$prefixname" "$prefixname" 'tunnel' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } > + babel_add_interface "$prefixname" "$prefixname" 'wired' "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer $name"; exit 1; } > } > > config_load gateway
Merged mit PKG_RELEASE bump und commit title prefix geändert von wireguard auf fff-wireguard. > -----Original Message----- > From: franken-dev [mailto:franken-dev-bounces@freifunk.net] On Behalf > Of Fabian Bläse > Sent: Sonntag, 14. Juni 2020 13:17 > To: franken-dev@freifunk.net > Subject: [PATCH] wireguard: Use babel type wired for wireguard babel > peers. > > The babel interface type 'tunnel' has some disadvantageous properties for > our network. > > First, babel tries to evaluate the tunnel performance using the rtt. However, > this makes the network quite unstable, as rtt might fluctuate a lot, especially > on less reliable connections (e.g. LTE). Instead of fully falling back to an > alternate route, this rtt evaluation leads to a lot of flapping routes. > Additionally, rtt evaluation changes the metric of routes quite often, which > leads to many unnessessary babel messages in our network. > > Also, babeld disables split-horizon processing on 'tunnel' interfaces per > default. > However, split-horizon processing can be done in our point-to-point tunnel > setup without any issues and has the advantage of significantly reduced > babel messages on a link with many uplink routes. > > Therefore, wireguard babel peers now use the interface type 'wired'. > > Signed-off-by: Fabian Bläse <fabian@blaese.de> > --- > src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > index 69a3d74..d95d522 100644 > --- a/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > +++ b/src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard > @@ -126,7 +126,7 @@ configure() { > babel_add_iifrules "$prefixname" || { echo "ERROR: Could > not add iif-rules for wgpeer $name"; exit 1; } > > # add babel interface > - babel_add_interface "$prefixname" "$prefixname" 'tunnel' > "$rxcost" || { echo "ERROR: Could not add babeld interface for wgpeer > $name"; exit 1; } > + babel_add_interface "$prefixname" "$prefixname" 'wired' > "$rxcost" || > +{ echo "ERROR: Could not add babeld interface for wgpeer $name"; exit > +1; } > } > > config_load gateway > -- > 2.27.0
The babel interface type 'tunnel' has some disadvantageous properties for our network. First, babel tries to evaluate the tunnel performance using the rtt. However, this makes the network quite unstable, as rtt might fluctuate a lot, especially on less reliable connections (e.g. LTE). Instead of fully falling back to an alternate route, this rtt evaluation leads to a lot of flapping routes. Additionally, rtt evaluation changes the metric of routes quite often, which leads to many unnessessary babel messages in our network. Also, babeld disables split-horizon processing on 'tunnel' interfaces per default. However, split-horizon processing can be done in our point-to-point tunnel setup without any issues and has the advantage of significantly reduced babel messages on a link with many uplink routes. Therefore, wireguard babel peers now use the interface type 'wired'. Signed-off-by: Fabian Bläse <fabian@blaese.de> --- src/packages/fff/fff-wireguard/files/etc/gateway.d/50-wireguard | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)