From owner-freebsd-ipfw@FreeBSD.ORG  Wed Apr 12 21:46:20 2006
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
X-Original-To: freebsd-ipfw@freebsd.org
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7BDDD16A407
	for <freebsd-ipfw@freebsd.org>; Wed, 12 Apr 2006 21:46:20 +0000 (UTC)
	(envelope-from billf@elvis.mu.org)
Received: from elvis.mu.org (elvis.mu.org [192.203.228.196])
	by mx1.FreeBSD.org (Postfix) with ESMTP id BF17C43D45
	for <freebsd-ipfw@freebsd.org>; Wed, 12 Apr 2006 21:46:19 +0000 (GMT)
	(envelope-from billf@elvis.mu.org)
Received: by elvis.mu.org (Postfix, from userid 1098)
	id A4BDD1A4D89; Wed, 12 Apr 2006 14:46:19 -0700 (PDT)
Date: Wed, 12 Apr 2006 14:46:19 -0700
From: Bill Fumerola <billf@FreeBSD.org>
To: Gilberto Villani Brito <linux@giboia.org>
Message-ID: <20060412214619.GT9364@elvis.mu.org>
References: <20060411092932.42148fd8@giboia>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20060411092932.42148fd8@giboia>
User-Agent: Mutt/1.4.2.1i
X-Operating-System: FreeBSD 6.1-MUORG-20060326 amd64
X-PGP-Key: 1024D/7F868268
X-PGP-Fingerprint: 5B2D 908E 4C2B F253 DAEB  FC01 8436 B70B 7F86 8268
Cc: freebsd-ipfw@freebsd.org
Subject: Re: Load-balancing
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Apr 2006 21:46:20 -0000

On Tue, Apr 11, 2006 at 09:29:32AM -0300, Gilberto Villani Brito wrote:
> I would make load-balancing using ipfw, but I have 2 routers in the same interface:
> 
> FreeBSD (200.xxx.xxx.3) -------> GW1 (200.xxx.xxx.1) (63%)
>                             |--> GW2 (200.xxx.xxx.2) (33%)
> 
> How can I make load-balancing using ipfw???
> 
> I'm using pf (pass out on em0 route-to (em0 200.xxx.xxx.2) round-robin from any to any keep state probability 33%), but I would like use just one firewall.

the same concept you're using applies to ipfw:

# ipfw add prob 0.33 fwd 200.x.x.2 ip from any to any

or if you have multiple interfaces:

# ipfw add prob 0.33 fwd 200.x.x.2 ip from any to any xmit em0

any laziness-induced syntax errors i've made notwithstanding those should
work fine. remember to compile IPFIREWALL_FORWARD and enable ip forwarding.

-- bill