It is most definitely possible. I think the kernel module would need modified
to use a different netfilter hook. Currently the opennop module only captures
"forwarded/routed" traffic. That might not work on a bridge interface as I
don't know what netfilter hooks traffic will pass on a bridged interface.
I have not had a request for it until now but its one of those things I
planned on anyway. Feel free to submit a feature request.
I went ahead and made a feature request for this. It looks like it should be
pretty easy to implement provided the kernel your using is new enough. If your
using the appliance it will be fine.
Unfortunately bridge mode support has not been added yet. The cli framework was just recently implemented and I want to finish getting it cleaned up a little before adding any additional features. The cli was a major holdup for almost all future features so it’s very good to finally have that done. I am optimistic that we will start getting things implemented at a much faster pace now.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I get this:
zypper install git
mkdir /usr/src/opennop
cd /usr/src/opennop
git clone http://git.code.sf.net/p/opennop/module
cd module
make
OK to here than:
:/usr/src/opennop/module # insmod opennopdrv.ko mode=bridged
insmod: error inserting 'opennopdrv.ko': -1 File exists
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You should see opennopd using some CPU in "top". How much depends on the TCP traffic going through it. In my test enviroment I was seeing 100% CPU for about 50Mbps. Thats with the entire lab running in VMs on a single host.
The CLI has just been finished along with several other enhancements. Those should be avaliable soon.
Are you using the appliance?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
No. I loaded from scratch from the DVD ISO from 12.1 and then installed the RPM you had for 12.1. After that I added the module with the bridging command that you posted and restarted the service.
I have a 4G Aircard Router that I am going to test with as well over the VPN Tunnel.
Will keep an eye out for the CLI.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Justin,
I have done some test, set to bridge. But is seems to slow everything down. I am using jperf to test in lab. I am using the appliance. I had it set to up as routing and just changed network to bridge and load module and restarted the service. I see opennopd in "top" but only using about 7%. In routed mode it would show %50 per cpu core. It is almost like each end does not know where the other end is. I will try reload appliance and starting over from scratch. To see if that helps.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You still need an IP assigned to the bridge interface that the OpenNOP daemon can use as its ID. I dont know if the daemon will see the IP of the bridged interface or not. If it cannot you will see an error like "Initialization: No usable IP Address." in "/var/log/messages".
So make sure it has a uniqe IP.
ifconfig br0 <ip> netmask <mask>
You might just want to install the yast tools to do all that.
Last edit: Justin Yaple 2013-04-04
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Just an update had had to change the order of network adapters on each appliance. It now works great. I had order of port to lan switch and port to router different at each end so, I made it the same at each end and works like in routed mode. If I run jperf doing same as in routed mode.
thanks,
BMG
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That’s great you were able to get things working. I would not expect what port you have connected to the router or switch to matter in the slightest. It should just intercept traffic if it will be bridged. If that’s from eth0 to eth1 or from eth 1 to eth0 is irrelevant. In fact it has to work in both directions for OpenNOP to accelerate any traffic.
Would this be possible to setup? It would make it "transparent" and very easy
to deploy.
It is most definitely possible. I think the kernel module would need modified
to use a different netfilter hook. Currently the opennop module only captures
"forwarded/routed" traffic. That might not work on a bridge interface as I
don't know what netfilter hooks traffic will pass on a bridged interface.
I have not had a request for it until now but its one of those things I
planned on anyway. Feel free to submit a feature request.
https://sourceforge.net/tracker/?group_id=319888&atid=1344827
I went ahead and made a feature request for this. It looks like it should be
pretty easy to implement provided the kernel your using is new enough. If your
using the appliance it will be fine.
I have been working on a CLI to give some visibility into the opennop daemon
and the ability to modify settings while the daemon is running. Ill make sure
to add a setting to change into "bridge mode" once I get the CLI done.
https://sourceforge.net/tracker/index.php?func=detail&aid=3552329&group_id=31
9888&atid=1344827
Justin.
Have you made any progress on Bridge Mode support?
Last edit: BMG 2013-03-19
Unfortunately bridge mode support has not been added yet. The cli framework was just recently implemented and I want to finish getting it cleaned up a little before adding any additional features. The cli was a major holdup for almost all future features so it’s very good to finally have that done. I am optimistic that we will start getting things implemented at a much faster pace now.
Thanks for the update.
Hello,
I potentially have some good news for you. Bridged mode hase been added to the kernel module but its untested and only avaliable in the git repo.
Here is how you can try it.
Please let me know if it worked :)
I will test it and let you know.
I get this:
zypper install git
mkdir /usr/src/opennop
cd /usr/src/opennop
git clone http://git.code.sf.net/p/opennop/module
cd module
make
OK to here than:
:/usr/src/opennop/module # insmod opennopdrv.ko mode=bridged
insmod: error inserting 'opennopdrv.ko': -1 File exists
That means the kernel module is already loaded.
You can confirm with this command.
lsmod | grep opennopdrv
Just unload the existing kernel module.
rmmod opennopdrv
Justin,
I have this bridging setup in place over a Cable VPN with 2 OpenSUSE 12.1 boxes.
Should I be seeing additional threads/CPU/Memory at one or both sites when opening/copying files for opennopd?
Is there any statistics logging that opennopd creates that can be looked at?
Thanks,
KBP
You should see opennopd using some CPU in "top". How much depends on the TCP traffic going through it. In my test enviroment I was seeing 100% CPU for about 50Mbps. Thats with the entire lab running in VMs on a single host.
The CLI has just been finished along with several other enhancements. Those should be avaliable soon.
Are you using the appliance?
No. I loaded from scratch from the DVD ISO from 12.1 and then installed the RPM you had for 12.1. After that I added the module with the bridging command that you posted and restarted the service.
I have a 4G Aircard Router that I am going to test with as well over the VPN Tunnel.
Will keep an eye out for the CLI.
Justin,
I have done some test, set to bridge. But is seems to slow everything down. I am using jperf to test in lab. I am using the appliance. I had it set to up as routing and just changed network to bridge and load module and restarted the service. I see opennopd in "top" but only using about 7%. In routed mode it would show %50 per cpu core. It is almost like each end does not know where the other end is. I will try reload appliance and starting over from scratch. To see if that helps.
Just checking here but did you create a bridge interface in the appliance?
I am not 100% on this but it should be something like
You still need an IP assigned to the bridge interface that the OpenNOP daemon can use as its ID. I dont know if the daemon will see the IP of the bridged interface or not. If it cannot you will see an error like "Initialization: No usable IP Address." in "/var/log/messages".
So make sure it has a uniqe IP.
You might just want to install the yast tools to do all that.
Last edit: Justin Yaple 2013-04-04
Yes I created a bridge interface. I used yast to do it. I can SSH to br0 on both and traffic will pass across to both appliances.
Just an update had had to change the order of network adapters on each appliance. It now works great. I had order of port to lan switch and port to router different at each end so, I made it the same at each end and works like in routed mode. If I run jperf doing same as in routed mode.
thanks,
BMG
That’s great you were able to get things working. I would not expect what port you have connected to the router or switch to matter in the slightest. It should just intercept traffic if it will be bridged. If that’s from eth0 to eth1 or from eth 1 to eth0 is irrelevant. In fact it has to work in both directions for OpenNOP to accelerate any traffic.
Related
Feature Requests:
#13