Date: Fri, 29 Feb 2008 18:14:34 +0100 From: Bartosz Giza <gizmen@blurp.pl> To: "Max Laier" <max@love2party.net> Cc: freebsd-net@freebsd.org Subject: Re: redirecting connections based on probability Message-ID: <200802291814.34559.gizmen@blurp.pl> In-Reply-To: <55614.192.168.4.151.1204302487.squirrel@router.laiers.local> References: <200802291635.38308.gizmen@blurp.pl> <55614.192.168.4.151.1204302487.squirrel@router.laiers.local>
next in thread | previous in thread | raw e-mail | index | archive | help
=46riday 29 of February 2008 17:28:07 napisa=C5=82e=C5=9B(-=C5=82a=C5=9B):
> Am Fr, 29.02.2008, 16:35, schrieb Bartosz Giza:
> > Hi,
> >
> > I have to do such a thing like redirecting connections to port 80 based
> > on probability. For example i need to redirect 10% requests to my web
> > server and
> > other 90% of requests should go to the original location.
> >
> > I know that pf has probability feature but there is no probability opti=
on
> > for
> > rdr rules. I have tryied couple of methods that could work but they
> > didn't
> >
> > :(
> >
> > The problem is that rdr rules works on incoming packets so i can't use
> > them
> > dirrectly because i don't want to redirect all packets to different
> > location.
> >
> > Could somebody tell me is such a thing possible in pf ? If yes please
> > point me
> > how is that possible.
>
> Say you want to share 1/3 -> IP_A and 2/3 -> IP_B (for the sake of
> brevity):
>
> rdr on $ext_if proto tcp from any to any port 80 \
> -> { $IP_B, $IP_A, $IP_B } round-robin
>
> This also works with random pool selection. src-hash and bitmask are
> obviously another story. sticky-address might also skew the results, but
> could be a good idea nontheless.
Hmm the problem is that i need to redirect only some % of packages and othe=
rs=20
leave untouched (no rdr) But in this example i have to put redirection=20
addresses but i don't know them.
Exactly what i need is to redirect some percentage of all web connections t=
o=20
my www server where would be page with some information for a client. The=20
rest of those connections would be passed without redirection. So i need=20
something like this:
rdr on $int_if inet proto tcp from someip to any port 80 probability 0.1 ->=
=20
mywebserver
But the problem is rdr rule does not understand probability keyword.
=46or now i don't have a clue how to do this with pf.
Other question is where can i use such a rule:
rdr on $int_if inet proto tcp from someip to any port 80 tagged key -> mywe=
bsr
I can't really imagine how can i use key word tagged with rdr rule. What i=
=20
know rdr are done on packets that come in to the iface and it is done on th=
e=20
begining. So i can't imagie situation where can i use such a construcion.
=2D-=20
Pozdrawiam
Bartosz Giza
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802291814.34559.gizmen>