Link aggregation between NetBSD agr and Linux bond interfaces

[BERTRAND Joël <joel.bertrand%systella.fr@localhost>]

    Hello,

    I'm trying to aggregate two openvpn links between a Linux server 
(debian) and a NetBSD client (running 7.0.2). I have done some test with 
a 7.99.43 kernel/userland on an AlphaStation with the same result.

    I suppose I have understood agr capabilities, I use it with a 
switch for a long time without trouble.

    On Linux side, I have started two openvpn servers (UDP 
configuration). Each VPN runs on a different VDSL2 link. I don't have 
openvpn configuration issue as this configuration runs fine without 
aggregation. I have stopped all firewalls on both servers.

Linux
|
+- eth0 (LAN)
+- eth1 (WAN ISP1)
+- eth2 (WAN ISP2)
+- tap1 (UDP on ISP1)
+- tap2 (UDP on ISP2)

    I have added in /etc/network/interfaces:

auto bond0
iface bond0 inet static
        address 192.168.1.1
        netmask 255.255.255.0
        slaves tap1 tap2
        bond_mode 4
# 4 = 802.3ad, I have tried round-robin (0)	
        bond_miimon 100
        bond_downdelay 200
        bond_updelay 200

and I obtain a bond0 interface.

    On NetBSD side, I have tried to configure a new agr interface 
without success.

NetBSD
|
+- wm0 (WAN)
+- tap0 (to Linux's tap1)
+- tap1 (to Linux's tap2)
+- agr0 (wm1 + wm2, 802.3ad)

wm1 and wm2 are linked into agr0:

legendre# cat ifconfig.agr0
create
agrport wm1
agrport wm2
inet 192.168.10.128 netmask 255.255.255.0
up
!ifconfig wm1 up
!ifconfig wm2 up
legendre#

I have tried to create a new agr1 interface but it doesn't work as 
expected. Maybe I have misunderstood something.

ifconfig create agr1 creates a new interface. I have to add and remove 
agrports. Thus, I have written openvpn up and down scripts to add and 
remove agrports. Problem : when a tunnel stops, tap interface is 
dismounted and ifconfig returns :

agr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ...
    agrport: , flags=0x3<COLLECTING,DISTRIBUTING>
    agrport: tap1, flags=0x3<COLLECTING,DISTRIBUTING>
    ...

    Please note that tap0 is replaced by '' and this port cannot be 
delete anymore. I have added persist-tun option in openvpn configuration 
and problem disappears.

    I have created agr interface by hand (openvpn without inet/inet6 
parameters and I have added network configuration directly on agr1 
interface). I haven't obtain a running aggregated tunnel. I have tried 
to use link0 and -link0 parameters without success.

    Even with interfaces up on both sides, tunnel is unusable.

    Is it possible to write a configuration to aggregate two openVPN 
links between a Linux server an a NetBSD client ?

	Best regards,

	JKB