Date:      Sat, 23 Oct 2004 17:14:32 +0400 (MSD)
From:      Igor Sysoev <is@rambler-co.ru>
To:        Stephane Raimbault <segr@hotmail.com>
Cc:        net@freebsd.org
Subject:   Re: using natd to load balance port 80 to multiple servers
Message-ID:  <20041023165912.J6546@is.park.rambler.ru>
In-Reply-To: <BAY24-F38qIfQdmEB4H0000f819@hotmail.com>
References:  <BAY24-F38qIfQdmEB4H0000f819@hotmail.com>

On Sat, 23 Oct 2004, Stephane Raimbault wrote:

> I'm currently using a freebsd box running natd to forward port 80 to several
> (5) web servers on private IP's.
>
> I have discovered that natd doesn't handle many requests/second all that
> well (seem to choke at about 200 req/second (educated guess))
>
> There are other packet filtering options on FreeBSD and I wonder if I can
> use them to do what I'm trying to do with natd.
>
> Would someone be able to point me to documentation or help me have either
> ipf/ipfw/pf forward port 80 traffic to private space IP's?
>
> Is there a better way of splitting port 80 traffic across multiple webservers
> that has eluded me?  Other than a commercial content switch that is :)
>
> I've worked with the loadd port and ran into some problems, so I resulted in
> simply using some natd syntax to forward port 80 traffic to multiple
> servers... Now that seems to have run to its limitation and I'm wondering
> if I can do the same thing with ipf/ipfw/pf as I believe that might be a bit
> more efficient.
>
> Any feedback would be appreciated...

You could look at PF.

Also you could use an HTTP reverse proxy like nginx; look at the example of the
configuration (the page is in Russian, but the configuration is in English :)
http://sysoev.ru/nginx/docs/example.html

Currently, to proxy several servers you need to set up their IPs
under one name in DNS. nginx would connect to them in round robin.
If some server does not respond then nginx would try the next. You
could set several reasons to try the next server:

    proxy_next_upstream   error timeout invalid_header http_500;

or even

    proxy_next_upstream   error timeout invalid_header http_500 http_404;

nginx was tested on several busy sites under FreeBSD (serving the static
files and the proxying, using kqueue/select/poll), Linux (static and proxy,
using epoll, rt signals) and Solaris (static only, using /dev/poll).


Igor Sysoev
http://sysoev.ru/en/
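
Added example, not part of the original message and not nginx code: a simplified Python model of the behaviour described above, round robin over the backends with a move to the next one when the outcome matches a listed proxy_next_upstream condition. The class name, the backend addresses and the "try each backend at most once" rule are assumptions made for illustration.

```python
# Simplified model (not nginx source) of round-robin proxying with
# proxy_next_upstream-style failover. All addresses are constructed samples.

# Condition sets taken from the two directive lines quoted in the message.
BASIC = {"error", "timeout", "invalid_header", "http_500"}
WITH_404 = BASIC | {"http_404"}


def condition(outcome):
    """Name an outcome the way the directive does: 500 -> 'http_500'."""
    return f"http_{outcome}" if isinstance(outcome, int) else outcome


class RoundRobinProxy:
    def __init__(self, backends, next_upstream):
        self.backends = list(backends)
        self.next_upstream = set(next_upstream)
        self.start = 0  # index of the backend the next request begins with

    def handle(self, outcomes):
        """Serve one request.

        outcomes maps backend -> what that backend would do for this request:
        an int HTTP status, or 'error' / 'timeout' / 'invalid_header'.
        Returns (outcome passed to the client, backends tried in order).
        Assumption: each backend is tried at most once per request, and if
        every one fails the last outcome is returned as-is.
        """
        n = len(self.backends)
        first, self.start = self.start, (self.start + 1) % n
        tried, result = [], None
        for i in range(n):
            backend = self.backends[(first + i) % n]
            tried.append(backend)
            result = outcomes[backend]
            if condition(result) not in self.next_upstream:
                break  # not a configured failure: hand it to the client
        return result, tried


if __name__ == "__main__":
    pool = ["10.0.0.1", "10.0.0.2", "10.0.0.3"]
    sample = {"10.0.0.1": 404, "10.0.0.2": 200, "10.0.0.3": 200}
    print(RoundRobinProxy(pool, BASIC).handle(sample))
    print(RoundRobinProxy(pool, WITH_404).handle(sample))
```

With the first condition list a 404 from the first backend goes straight to the client; with http_404 added, the same request is sent again to the next backend.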


