From owner-freebsd-net  Sun Mar 18 19:43: 3 2001
Delivered-To: freebsd-net@freebsd.org
Received: from filk.iinet.net.au (syncopation-dns.iinet.net.au [203.59.24.29])
	by hub.freebsd.org (Postfix) with SMTP id 0EEF337B718
	for <freebsd-net@FreeBSD.ORG>; Sun, 18 Mar 2001 19:42:59 -0800 (PST)
	(envelope-from julian@elischer.org)
Received: (qmail 2939 invoked by uid 666); 19 Mar 2001 03:44:19 -0000
Received: from i087-092.nv.iinet.net.au (HELO elischer.org) (203.59.87.92)
  by mail.m.iinet.net.au with SMTP; 19 Mar 2001 03:44:19 -0000
Message-ID: <3AB58012.2D7F6A05@elischer.org>
Date: Sun, 18 Mar 2001 19:42:10 -0800
From: Julian Elischer <julian@elischer.org>
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386)
X-Accept-Language: en, hu
MIME-Version: 1.0
To: Wes Peters <wes@softweyr.com>
Cc: Nick Rogness <nick@rogness.net>, freebsd-net@FreeBSD.ORG,
	Jeroen Ruigrok/Asmodai <asmodai@wxs.nl>
Subject: Re: same interface Route Cache
References: <Pine.BSF.4.21.0103172322030.18063-100000@cody.jharris.com> <3AB4E92C.7F668DD9@softweyr.com>
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Wes Peters wrote:
> 

> 
> It struck me last night that if you want to load-balance between two ISPs,
> you could simply pick a bit in the address and use it to select one or the
> other.  If you pick your bit appropriately -- I'd go for something in the
> second byte -- you might luck out and get a nearly 50/50 spread.  That would
> be no less hackish and a lot easier to maintain.

exactly what I suggested before, but the return packets will all come back 
on a single interface, unless you pass all teh packets that are going out 
one of the interfaces through natd first. That in turn breaks incoming sessions
that come in through the 'plain' interface but get outbound routed through
natd. You need to have stateful rules in teh incoming firewall that remember
that
a session was incoming and keep it from being shifted to the natd. This CAn be
done 
using NATDs stateful rules I think but I haven't done it.


> 
> --
>             "Where am I, and what am I doing in this handbasket?"
> 
> Wes Peters                                                         Softweyr LLC
> wes@softweyr.com                                           http://softweyr.com/
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

-- 
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000-2001
---> X_.---._/  
            v

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message