Using the stock setup I did not get fault tolerance to work with bonding.
I have done bonding many times with Linux and other tools – in fact I am working on a solution now. Fault tolerance is always the issue. On Linux I tend to do the bonding with teql driver. The solution I am working on now simply creates an ipencap tunnel between sites (using dest ip routing to select correct WAN) then creates a teql driver and enslaves the ipip tunnels. I then simply implement ping based link monitoring and when I see a lack of response from the remote end I remove the enslaved interface until it returns. Works quite well.
I was able to implement this on ZS both at shell using the method outlined above. I was able to create this using part GUI to create the VPN etc. then use shell to fudge the netbalance stuff. I didnt add any link state monitoring on OpenVPN system as I didnt have time to look into how to dynamically add or remove the VPN links using shell.
This is part of the reason I mentioned the query on ZS as a shell only tool and when the netbalance would be added to the GUI. I can see a lot of potential for this and ZS is an excellent package for this.
BTW I have been thinking on bonding and clearly there is a lot of interest. I have ZS systems (along with my other bonding systems) installed in a data centre. I also have a /20 that I subnet and allocate to installed systems and can thus route allocations to routers that can then route them onwards. I have used this to deliver a block of IP from data centre to client-side ZS unit. At data centre I also have BGP routed transit at Tier-1 and can thus provide excellent routing to the Internet. At the head-end I have full access to our own DSL platform and can deploy ZS at head and tail end of the DSL service to provide a bonded DSL with full resilient routing.
I already offer this service to a range of clients as we can also host servers at the head-end and have peering with VoIP interconnect etc. I had been contemplating the option to provide a ZS head-end bonding service providing bonded public Internet access. That is one of the reasons I have been so keen to test with ZS! I wonder would there be much interest for this as a general service rather than a specific solution.