Automatic Ethernet and WiFi failover on FreeBSD

If one uses a mobile computer like a notebook one might often be in the situation to work with an wired interface when working from an desk or a fixed location (which is usually better than using WiFi) but sometimes wanting to stand up, take the computer and - without any service interruption - move to a different location while communicating via WiFi.

Normally this involes disconnecting ethernet and then connecting to WiFi (getting a new IP adress, re-configuration of routes, etc.) with dropping of all active connections which disrupts for example file copies, video conferences, voice chats, SSH sessions, etc.

One can solve this by using the link aggregation interface with it’s failover interface with cloned MAC adresses on the interfaces. The basic idea is to set the same MAC on the WiFi interface as on the ethernet interface, attach both to the lagg interface and set the aggregation rule to failover.

The basic requirement for this to work is that WiFi and Ethernet are located on the same switched IP subnet - if you’re switching VLANs or are located in different IP segments this does not work!

The link aggregation interface provides multiple modes of operation:

• failover means that the network traffic is normally routed over the first attached interface. If this interface gets disconnected or unavailable traffic is routed over the second interface, if both the first and the second are offline over the third, etc. If the first interface gets available again traffic is routed again via the first (primary) interface.
• lacp is a mode that is using the 802.1AX link aggregation protocol. This protocol is sometimes also called Etherchannel by some manufacturers. To use LAG the switch on the other hand also has to be configured accordingly. This allows all channels on a given lagg group to work like a single interface and aggregate bandwidth.
• loadbalance tries to balance all outgoing traffic and accepts traffic on any incoming port
• roundrobin is sending frames in a round robin fashion over any active interface. Traffic is accepted in any order.
• broadcast sends frame to all ports and receives on any.
• none is simply disabled state. Traffic is not sent anywhere.

In most cases one will want to use failover for the described scenario. One might also want to receive frames on all active interfaces to reduce packet loss when switching from WiFi back to ethernet which is not enabled by default when configuring failover. This behaviour can be configured when setting the net.link.lagg.failover_rx_all to non-zero.

Configuring in rc.conf

To permanently enable link failover one can configure this inside /etc/rc.conf.

First one has to create a cloned lagg interface:

cloned_interfaces="lagg0"

Then the WiFi interface should be created and it’s MAC address will be set to the ethernet MAC of the ethernet interface:

wlans_iwn0="wlan0"
create_args_wlan0="wlanaddr XX:XX:XX:XX:XX:XX"

All attached interfaces will have to be up, the WiFi interface normally should have WPA enabled when using wpa_supplicant:

ifconfig_em0="up"
ifconfig_wlan0="up WPA"

Then one can attach them to the lagg0 interface:

ifconfig_lagg0="up laggproto failover laggport em0 laggport wlan0 DHCP"
ifconfig_lagg0_ipv6="inet6 accept_rtadv"

Then one can restart networking:

/etc/rc.d/netif restart

This should be sufficient to use lagg for WiFi failover.

If one wants to accept traffic on every interface also in failover mode one can add the following line to /etc/sysctl.conf:

net.link.lagg.failover_rx_all=1

If one wants to enable this behavioru at runtime without rebooting, one should execute

sysctl net.link.lagg.failover_rx_all=1

This article is tagged:

• Computer
• FreeBSD
• Administration