In my previous post I've talk about how to configure bonding. If you are using XEN, you'll need to configure a bridge to be able to give Internet connection to your VPS. All the examples about bridging are focused in create a bridge with a single physical network interface, but what if you want to configure the bridge on top of a bonded interfaces? I didn't found a clear answer on the Internet but is really straightforward, though.

Here is my /etc/network/interfaces file:

auto lo
iface lo inet loopback

auto bon0
#iface bon0 inet static
iface bon0 inet manual
    #address 192.168.1.100
    #netmask 255.255.255.0
    #network 192.168.1.0
    #gateway 192.168.1.1
    slaves eth0 eth1
    bond_mode active-backup
    bond_miimon 100 
    bond_downdelay 200 
    bond_updelay 200

auto xenbr0
allow-hotplug xenbr0
iface xenbr0 inet static
    bridge_ports bon0
    address 192.168.1.100
    netmask 255.255.255.0
    network 192.168.1.0
    gateway 192.168.1.1
    bridge_stp off 
    bridge_waiport 0
    bridge_fd 0

I've commented out the lines that I've changed from my previous post. I strongly recommend to setup first the bonding to the Dom-0 and after it's up and working, then try to create the bridge on top of the bond.

Again, the configuration talks by itself. In the bond, the relevant part is that has changed from static to manual. We have commented out all the network configuration, because this must be configured in the bridge. The xenbr0 is really easy to understand: bridge_ports bon0 tells the bridge to use the bond0 as underlying interface (remember, bond0 cannot have network configuration!!). Then we configure the network, and then set up some useful bridge parameters such as switching off the STP protocol.

And basically this is it. Remember, if you are tying to configure bonding/bridging or networking stuff in general on a remote server.... well, maybe it could be useful to have a script that restarts the machine and sets up the "working values" of the network every hour or so. Same as if you are playing with iptables or alike.

Take care.