Bonding
Bonding
Section titled “Bonding”Bonding in RouterOS combines multiple physical Ethernet interfaces into a single logical interface, providing higher data rates and failover protection. This technology is essential for networks requiring both increased bandwidth and high availability without the complexity of dynamic routing protocols.
Bonding differs from simply increasing interface speed. It creates a virtual interface that load balances traffic across multiple physical links, providing both aggregation benefits and redundancy. When properly configured, bonding ensures continuous connectivity even when individual links fail.
Summary
Section titled “Summary”Interface bonding addresses two primary network requirements: bandwidth aggregation and link redundancy. By combining multiple Ethernet interfaces, networks can achieve throughput exceeding the limitations of single links while maintaining connectivity through automatic failover when links fail.
RouterOS supports seven bonding modes, each designed for different use cases ranging from standards-compliant LACP to simple active-backup failover. Mode selection depends on the connected equipment capabilities, required redundancy level, and whether the remote device supports link aggregation protocols.
Only specific bonding modes support hardware offloading on MikroTik devices with switch chips. The CRS3xx, CRS5xx series switches, CCR2116, and CCR2216 routers support hardware offloading for 802.3ad, balance-xor, and active-backup modes. Other modes require CPU processing, which may impact performance on high-throughput links.
Link monitoring is critical for failover functionality. Without proper link monitoring, bonding will continue sending traffic over failed links, causing network degradation. RouterOS supports both ARP and MII monitoring methods, each with distinct advantages depending on network topology.
How Bonding Works
Section titled “How Bonding Works”Bonding operates at the data link layer, combining multiple physical interfaces into a single logical interface that appears to the operating system as a standard Ethernet interface. The bonding driver manages member interfaces, distributing outgoing traffic according to the selected mode and monitoring link health for failover activation.
Interface Types
Section titled “Interface Types”The bonding interface appears as a standard network interface to other RouterOS features. You can assign IP addresses, add firewall rules, bridge the interface, or use it with any other RouterOS functionality. The bonding driver handles the complexity of managing member interfaces transparently.
# Create basic bonding interface/interface bonding add name=bond1 slaves=ether2,ether3
# Assign IP address to the bonded interface/ip address add address=192.168.1.1/24 interface=bond1Traffic Distribution
Section titled “Traffic Distribution”Traffic distribution depends on the bonding mode and transmit hash policy. Hash-based modes like 802.3ad and balance-xor use header information to determine which member interface carries each packet. This ensures packets belonging to the same flow take the same path, maintaining packet ordering for protocols sensitive to reordering.
# View traffic distribution across bond members/interface monitor-traffic bond1 onceFailover Behavior
Section titled “Failover Behavior”When a member link fails, the bonding driver automatically redistributes traffic to remaining active members. The failover time depends on the link monitoring method configured. MII monitoring typically detects failures within milliseconds, while ARP monitoring may take slightly longer depending on the monitoring interval.
Bonding Modes
Section titled “Bonding Modes”RouterOS supports seven bonding modes, each with specific characteristics for different network scenarios. Mode selection determines load balancing behavior, failover characteristics, and compatibility with connected devices.
| Mode | Load Balancing | Hardware Offload | Remote Requirement | Primary Use Case |
|---|---|---|---|---|
| 802.3ad | Hash-based | Yes | LACP capable | Enterprise aggregation |
| balance-xor | Hash-based | Yes | None | Static LAG |
| balance-rr | Round-robin | No | None | Simple aggregation |
| active-backup | Single link | Yes | None | Failover redundancy |
| broadcast | All links | No | None | Specific redundancy |
| balance-tlb | Outbound only | No | None | Asymmetric links |
| balance-alb | Bidirectional | No | None | Adaptive balancing |
802.3ad (LACP)
Section titled “802.3ad (LACP)”802.3ad is the IEEE standard for Link Aggregation Control Protocol (LACP). This mode provides automatic configuration of link aggregates with minimal switch configuration. LACP continuously monitors link health and automatically redistributes traffic when member links fail or are added.
The mode mandates that all devices in the aggregate operate at the same speed and duplex mode. Traffic distribution uses a hash of protocol header information, including source and destination MAC addresses, and when available, VLAN tags and IP addresses.
# Create LACP bond with two member ports/interface bonding add name=bond-lacp slaves=ether2,ether3 mode=802.3ad
# Configure LACP rate (1sec for faster failover, 30secs default)/interface bonding set [find name=bond-lacp] lacp-rate=1sec
# Verify LACP status (active/inactive ports, LACP system info)/interface bonding monitor bond-lacp onceLACP balances outgoing traffic based on hashed header information and accepts incoming traffic from any active port. The ARP link monitoring is not recommended with 802.3ad because ARP replies might arrive on only one slave port due to the transmit hash policy on the LACP peer device, potentially causing unbalanced traffic distribution.
For 802.3ad mode, MII monitoring is recommended over ARP monitoring to avoid traffic distribution issues caused by the connected device’s hashing behavior.
balance-xor
Section titled “balance-xor”Balance-xor mode provides static load balancing similar to LACP but without the negotiation protocol. This mode hashes protocol header information to distribute traffic across active ports. The mode works with static Link Aggregation Group (LAG) interfaces on switches that do not support LACP.
# Create balance-xor bond/interface bonding add name=bond-xor slaves=ether2,ether3,ether4 mode=balance-xor
# Use layer-2-and-3 hash for better distribution/interface bonding set [find name=bond-xor] transmit-hash-policy=layer-2-and-3The static nature of balance-xor requires link monitoring configuration to detect failures. Without monitoring, failed ports continue receiving traffic until the failure is detected through other means.
balance-rr
Section titled “balance-rr”Balance-rr (round-robin) transmits packets sequentially across all available member ports. This mode provides simple aggregation without requiring matching configuration on the remote device. All member ports remain active, transmitting packets in rotation.
# Create balance-rr bond/interface bonding add name=bond-rr slaves=ether2,ether3 mode=balance-rrThis mode is the only one that sends packets across multiple interfaces belonging to the same TCP/IP connection. However, packets are often received out of order, causing segment retransmissions that can impact performance. For TCP connections, this reordering may significantly reduce effective throughput.
Balance-rr works well for bonding multiple wireless links of equal bandwidth but requires all bonded links to have matching speeds. If one link’s bandwidth drops, the total bond bandwidth becomes limited to the slowest link.
active-backup
Section titled “active-backup”Active-backup mode provides simple failover protection with one active slave while others remain standby. When the active link fails, a standby interface automatically takes over. This mode offers maximum redundancy without LACP complexity.
# Create active-backup bond with ether2 as primary/interface bonding add name=bond-backup slaves=ether2,ether3 mode=active-backup primary=ether2The primary interface parameter designates which port serves as the active link. When the primary link fails, the first available backup becomes active. When the primary recovers, it automatically reassumes active status.
broadcast
Section titled “broadcast”Broadcast mode transmits identical packets on all member interfaces simultaneously. This mode provides fault tolerance for specific applications requiring complete redundancy but does not provide load balancing. All bandwidth beyond one link is unused unless failover occurs.
# Create broadcast bond/interface bonding add name=bond-broadcast slaves=ether2,ether3 mode=broadcastbalance-tlb
Section titled “balance-tlb”Balance-tlb (Transmit Load Balancing) distributes outgoing traffic across active slaves based on current load. This mode supports different speeds and duplex settings on member interfaces without special switch configuration. The primary disadvantage is that incoming traffic is not balanced.
# Create balance-tlb with ether2 as primary (higher bandwidth)/interface bonding add name=bond-tlb slaves=ether2,ether3 mode=balance-tlb primary=ether2For balance-tlb mode, the primary interface receives all incoming traffic. If the primary fails, another slave takes over the MAC address of the failed interface, ensuring continued connectivity. Only MII link monitoring is supported; ARP monitoring is ignored in this mode.
balance-alb
Section titled “balance-alb”Balance-alb (Adaptive Load Balancing) extends balance-tlb by also balancing incoming IPv4 traffic through ARP negotiation. The bonding driver intercepts ARP requests and responds with different MAC addresses for different peers, directing incoming traffic across multiple links.
# Create balance-alb bond/interface bonding add name=bond-alb slaves=ether2,ether3 mode=balance-albThis mode requires device driver capability to change MAC addresses and is incompatible with local-proxy-arp settings. Like balance-tlb, only MII monitoring is supported.
Link Monitoring
Section titled “Link Monitoring”Link monitoring is essential for bonding functionality. Without proper monitoring, the bonding driver cannot detect failed links and will continue sending traffic over broken connections, causing network degradation and connectivity issues.
RouterOS supports two link monitoring methods: MII (Media Independent Interface) and ARP monitoring. These methods cannot be used simultaneously due to bonding driver restrictions.
ARP Monitoring
Section titled “ARP Monitoring”ARP monitoring sends ARP queries to target IP addresses and uses responses as an indication that links are operational. This method provides assurance that traffic actually flows over links because any received packet indicates the interface is functional.
# Enable ARP monitoring with target IP/interface bonding set [find name=bond1] link-monitoring=arp arp-ip-targets=192.168.1.2
# Configure multiple targets for high availability/interface bonding set [find name=bond1] arp-ip-targets=192.168.1.2,192.168.1.3
# Adjust ARP interval (default 100ms)/interface bonding set [find name=bond1] arp-interval=50msARP monitoring requires the target IP address to be reachable on the bonded network segment. For directly connected routers, use the peer router’s IP address on the bond interface.
For balance-rr and balance-xor modes with ARP monitoring, ensure the connected switch distributes ARP replies across all links. Otherwise, all responses arrive on a single link, potentially causing other links to fail monitoring checks.
MII Monitoring
Section titled “MII Monitoring”MII monitoring checks the physical layer link status through the device driver. This method detects local interface status but cannot determine if traffic actually passes through the link or if the remote device is functional.
# Enable MII monitoring (default)/interface bonding set [find name=bond1] link-monitoring=mii
# Adjust MII monitoring interval (default 100ms)/interface bonding set [find name=bond1] mii-interval=10msMII monitoring is recommended for directly connected devices where ARP responses might not work correctly. It provides faster failover detection compared to ARP monitoring in most configurations.
Quick Setup Guide
Section titled “Quick Setup Guide”This section provides minimal configurations for common bonding scenarios. For more detailed examples, see Bonding Examples.
Basic Active-Backup Between Two Routers
Section titled “Basic Active-Backup Between Two Routers”# Router1: Create bonding interface/interface bonding add name=bond1 slaves=ether2,ether3 mode=active-backup
# Router1: Assign IP address/ip address add address=172.16.0.1/24 interface=bond1
# Router2: Create bonding interface/interface bonding add name=bond1 slaves=ether2,ether3 mode=active-backup
# Router2: Assign IP address/ip address add address=172.16.0.2/24 interface=bond1
# Enable MII monitoring on both routers (recommended for direct connections)/interface bonding set [find name=bond1] link-monitoring=miiLACP with Enterprise Switch
Section titled “LACP with Enterprise Switch”# Router: Create LACP bond/interface bonding add name=bond-lacp slaves=ether2,ether3,ether4,ether5 mode=802.3ad lacp-rate=30secs
# Router: Assign IP address/ip address add address=10.0.0.1/24 interface=bond-lacp
# Verify LACP status (active/inactive ports, LACP system info)/interface bonding monitor bond-lacp onceHardware Offloading
Section titled “Hardware Offloading”Hardware offloading allows the switch chip to handle bonding operations without CPU involvement, preserving CPU resources for other tasks. Not all devices and modes support hardware offloading.
Supported Configurations
Section titled “Supported Configurations”Hardware offloading is supported on CRS3xx, CRS5xx series switches, CCR2116, CCR2216 routers, and devices with 88E6393X, 88E6191X, or 88E6190 switch chips.
Only the following modes support hardware offloading:
- 802.3ad (LACP)
- balance-xor (static LAG)
- active-backup
# Verify hardware offloading is active/interface bonding print# The output shows "running: true" for hardware-offloaded bondsWhen hardware offloading is active, the transmit hash policy cannot be manually changed. CRS3xx, CRS5xx, CCR2116, and CCR2216 devices always use Layer2+Layer3+Layer4 hashing, while 88E6393X, 88E6191X, and 88E6190 switch chips are limited to Layer2 hashing.
Property Reference
Section titled “Property Reference”This section describes all bonding interface properties.
General Properties
Section titled “General Properties”| Property | Description |
|---|---|
| name | Name of the bonding interface |
| slaves | Member interfaces separated by commas (minimum 2) |
| mode | Bonding mode: 802.3ad, active-backup, balance-alb, balance-rr, balance-tlb, balance-xor, broadcast |
| mtu | Maximum Transmit Unit (must not exceed smallest slave L2MTU) |
| disabled | Whether the interface is disabled |
| comment | Short description |
Monitoring Properties
Section titled “Monitoring Properties”| Property | Description |
|---|---|
| link-monitoring | Monitoring method: arp, mii, or none |
| arp-ip-targets | IP addresses for ARP monitoring (comma-separated) |
| arp-interval | ARP monitoring interval in milliseconds (default: 100ms) |
| mii-interval | MII monitoring interval in milliseconds (default: 100ms) |
| up-delay | Delay before enabling bond after link comes up (multiple of mii-interval) |
| down-delay | Delay before disabling bond after link failure detected (multiple of mii-interval) |
LACP Properties
Section titled “LACP Properties”| Property | Description |
|---|---|
| lacp-rate | LACP PDU exchange rate: 1sec or 30secs |
| lacp-user-key | Upper 10 bits of port key (RouterOS v7.3+) |
Failover Properties
Section titled “Failover Properties”| Property | Description |
|---|---|
| primary | Primary interface for active-backup, balance-tlb, and balance-alb modes |
| min-links | Minimum active slaves required for bond to be active (802.3ad mode only) |
Hash Policy
Section titled “Hash Policy”| Property | Description |
|---|---|
| transmit-hash-policy | Hash policy for balance-xor and 802.3ad modes: layer-2, layer-2-and-3, layer-3-and-4 |
Monitoring Commands
Section titled “Monitoring Commands”# Monitor overall bond status (active/inactive ports, LACP system info)/interface bonding monitor bond1 once
# View traffic statistics/interface monitor-traffic bond1 once
# View full configuration/interface bonding print detailCommon Issues
Section titled “Common Issues”Link Monitoring Not Working
Section titled “Link Monitoring Not Working”If bonded links fail but traffic continues over failed links, link monitoring is not properly configured. Always enable either ARP or MII monitoring:
# Enable MII monitoring/interface bonding set [find name=bond1] link-monitoring=miiUnbalanced Traffic Distribution
Section titled “Unbalanced Traffic Distribution”With 802.3ad or balance-xor, traffic may appear unbalanced due to the hash algorithm. Single connections or flows to limited destinations always use one link. Use layer-3-and-4 hash policy for better distribution:
/interface bonding set [find name=bond1] transmit-hash-policy=layer-3-and-4CRS Switch Chip LACP Not Working
Section titled “CRS Switch Chip LACP Not Working”Older CRS devices do not support LACP on the switch chip. Use balance-xor mode instead of 802.3ad for static aggregation, or upgrade to a CRS3xx or newer device.
ARP Monitoring with Balance-Xor
Section titled “ARP Monitoring with Balance-Xor”When using ARP monitoring with balance-xor mode, ensure the connected switch evenly distributes ARP reply packets across all links. Configure the switch to use round-robin or hash ARP responses across all aggregated ports.
Related Documentation
Section titled “Related Documentation”- Bonding Examples - Practical configuration scenarios
- VRRP - Virtual Router Redundancy Protocol for gateway failover
- CRS3xx/CRS5xx Switch Chip Features - Hardware offloading details