0

Is it possible to create multiple bonds on the same slaves?

We have two ethernet ports on each server. We'd like to have one ethernet port with a public address and one ethernet port with a private address but also ensure redundancy.

Is it possible to create two active-backup bonds using the same interfaces?

iface bond0 inet static
    address XXX.XXX.XXX.XXX
    bond-slaves eth0 eth1
    bond-primary eth0
    bond-mode active-backup

iface bond0 inet static
    address 192.168.1.2
    bond-slaves eth1 eth0
    bond-primary eth1
    bond-mode active-backup

Where as eth1 will serve the private network and eth0 will serve the public network until there is a failure.

Devon
  • 800
  • 1
  • 9
  • 20
  • For this to work you'd need to connect your DMZ with the internal network which completely defies the idea of a DMZ. You don't route public IPs into your internal net, do you? – Zac67 Mar 30 '18 at 11:28
  • I'm not sure we'd see any benefit from a DMZ setup. All of the servers are on the same VLAN, they all will have a public and private address. So if one server gets compromised, they have access to the private network anyways. The private network is just for communication, transfers, and NFS between the servers. – Devon Mar 30 '18 at 11:44
  • First, you shouldn't route public IP addresses outside a DMZ. Second, there's little point in using dedicated NICs in this way. Just bond them and bind both IPs to the bond. – Zac67 Mar 30 '18 at 11:47
  • Well, the goal is to be able to have large amounts of transfer on the private network without affecting the public network. We want to be able to transfer ~100MB/s between servers without affecting degrading public network performance. A single bond wouldn't accomplish that without using link aggregation. – Devon Mar 30 '18 at 12:20

0 Answers0