Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Jun 2002 08:05:00 -0600 (MDT)
From:      Randy Smith <randys@amigo.net>
To:        "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>
Subject:   IPFW as load balancer
Message-ID:  <20020619075003.W6594-100000@stalker.amigo.net>
next in thread | raw e-mail | index | archive | help 
Hi all,

I want to try to use IPFW to do load balancing for a transparent proxy
cluster. My first idea was to do something like this:

add prob .33 fwd <cacheA>,3128 tcp from <my-net> to any 80
add prob .50 fwd <cacheB>,3128 tcp from <my-net> to any 80
add          fwd <cacheC>,3128 tcp from <my-net> to any 80

But this won't work because the packets for one session will end up at
different caches.

Can keep-state and check-state be used to keep the packets flowing to the
same cache. Is the prob option copied to dynamic rules?

From sys/netinst/ip_fw.c:

 * There are some limitations with dynamic rules -- we do not
 * obey the 'randomized match',

Glancing through ip_fw.c (specifically ip_fw_chk() and lookup_dyn_rule()),
it appears that the probability is not checked/used for dynamic rules.
(Which is probably what the comment above means.) So, if I have these
rules

add prob .33 fwd <cacheA>,3128 tcp from 192.168.0.0/24 to any 80 keep-state
add prob .50 fwd <cacheB>,3128 tcp from 192.168.0.0/24 to any 80 keep-state
add          fwd <cacheC>,3128 tcp from 192.168.0.0/24 to any 80 keep-state

and ipfw get a connection from e.g. 192.168.0.42 that hits the cacheA
rule, does that mean ipfw would create the dynamic rule below?

fwd <cacheA>,3128 tcp from 192.168.0.42 to any 80

If so, it seems to me that it would create a rule that would forward all
of the packets from the client (192.168.0.42) to cacheA. Does this make
sense or am I out in left field?

Thanks for the input.

-- 
Randy Smith
Amigo.Net Systems Administrator
1-719-589-6100 x 4185
http://www.amigo.net/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020619075003.W6594-100000>