How to set up a bonding VPN connection in Linux

How to set up a bonding VPN connection in Linux

How to set up a wireless bandwidth bonding VPN connection in Linux using vtrunkd

 

Preface

 

This is a first short tutorial on how to set up vtrunkd linux multichannel VPN daemon to achieve aggregated bandwidth speeds using your 3G or LTE modems, or whatever other connections you have.

Setting up bonded vpn tunnel using multichannel VPN technology allows you to get a more stable connection for streaming, more combined bandwidth to download and upload files, and generally improves internet experience in case of a mobile setup, for example in a car, or in case if you have several different internet connections that are all unreliable separately.

In order to do channel bonding you will need to have a gateway server somewhere in the cloud or in a place with a good and stable channel, with at least twice the bandwidth that you want to achieve. This is because packet-level aggregation splits the traffic into several streams and these streams need to be merged before reaching the destination. That is why there are two modes of operation in vtrunkd – the server mode and the client mode. The principles of operation are very much similar to an ordinary VPN, like vtun or openvpn.

The overall process diagram looks like this:

 

vtrunkd link aggregation diagram

General vtrunkd components diagram

 

As vtrunkd is a heavily-multicore system, it spans a separate process for each connection, up to 30 of them in case you have that many uplinks.

For this tutorial, we will assume that we have 3 slower internet connections on client side, the wwan1, wwan2 and wwan3, and one superfast internet link on the server side, eth0. Gigabit internet connections are not uncommon for the modern cloud VPS/VDS hosting services.

We will also assume that you have ubuntu server and ubuntu client. Our configuration will look like this:

3 Huawei modems with 3 different SIM cards from different carriers

 

LTE modems used for link aggregation and speed bonding

Huawei modems vpn bonding

 

One Banana Pi M2 board with bunch of USB cables

 

 

Vtrunkd aggregation and vpn bonding software run on a Banana Pi M2 SBC board

Banana Pi M2 used for LTE bonding using vtrunkd

 

 

And one ubuntu server somewhere in the internet, with full root and kernel access

 

Cloud server running ubuntu and vtrunkd used for multichannel vpn bonding

Remote server console

 

 

You can use any other ubuntu client instead of Banana Pi M2, for example a laptop with ubuntu installed or any other board like Raspberry Pi 2 or Orange Pi PC, or even use Linux distribution of your choice instead of ubuntu, these instructions will still apply.

 

Step 1. Prepare server

In order to proceed, we will need to compile and run vtrunkd from source. On ubuntu server, we do:

Next, we will need to create a basic configuration file, we will take one from the examples

we will leave everything as is, just replace the default password “testpasswd”:

 

vtrunkd configuration file

Editing vtrunkd configuration file on a cloud server

 

 

and press CTRL-X to save, answer yes, and exit pressing ENTER

 

Now, we need to do some basic setup on the server side in order to allow us to actually reach the internet once we are connected. We will add the following lines to /etc/rc.local by issuing sudo nano /etc/rc.local

 

And in sysctl.conf:

 

 

 

add lines to the end:

 

 

this will launch vtrunkd at port 6000 after restart and enable packet forwarding. Now, reboot for the changes to take effect.

 

 

Server configuration is now complete.

 

Step 2. Set up client

In order to set up the client, we will need to compile vtrunkd the same way as we did it on server, but this time we will do it on an ARM board. Log in to Banana Pi, the default user and password for Banana Pi ubuntu is pi and bananapi:

 

 

also make sure to add to sysctl.conf:

 

and in rc.local:

 

Now here comes the tricky part. In order for vtrunkd to utilize our 3 connections, we will need to set up 3 different routing tables and rules how to route traffic to them. In the default client config vtrunkd uses packet mark 1 to 3 for each of our 3 connection, so we will need to install 3 rules:

 

and add three rules to tables to prevent accidental routing:

you can place these lines in /etc/rc.local to be sure that they will be added after reboot.

 

The next thing is configuring interfaces. As all these huawei modems have the same IP address and MAC address (not usually the case if you have different providers) – we will have to manually configure them from command line.

 

I use this simple script to configure modems and set default routes through these modems in the three tables we just created:

In my example I put it to /opt/modem.sh. This script will constantly retry configuring modems and adding to tables, as well as setting the default gateway.

 

You can check that the modem is configured properly by using these commands:

 

Now as the modems are okay, we will use client vtrunkd config from the package, change the password:

 

 

And finally start vtrunkd for each modem with these commands:

 

where XXX.XXX.XXX.XXX is IP address of your server.

 

Now you can see the interface tun1 appeared and can ping 10.0.0.1 – the address our server has, and finally test some downloading!

 

In order to use your board as the actual router, you will have to further configure it, for example as is explained here: http://www.yourownlinux.com/2013/07/how-to-configure-ubuntu-as-router.html or in the official ubuntu documentation.

 

Your final rc.local on the Banana Pi may look something like this:

 

In this example I have shown how to do basic configuration to make use of multichannel vpn bonding that vtrunkd provides, that allows aggregated link speeds and seamless failover. Other possible use cases are data duplication to enable guaranteed delivery and guaranteed minimum possible latency, bufferbloat control, live video streaming optimization, and others. Vrayo Systems provides professional updates, bug fixes and support for commercial vtrunkd deployments on various types of hardware.

user-gravatar
Andrew Gryaznov
No Comments

Post a Comment