Date: Fri, 7 Dec 2001 14:32:27 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: Lars Eggert <larse@ISI.EDU> Cc: rick norman <rick.norman@lmco.com>, freebsd-hackers@FreeBSD.ORG Subject: Re: Nat through two DSL Message-ID: <Pine.BSF.4.21.0112071350080.4544-100000@cody.jharris.com> In-Reply-To: <3C1103D6.9020106@isi.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 7 Dec 2001, Lars Eggert wrote: > rick norman wrote: > > > What would be nice would be to load balance on a per connection > > basis, not a per packet basis, between the two modems. > > Any ideas how to do this ? > > > Not with the current mechanisms in FreeBSD. You'd need a simple policy > routing engine (actually, policy forwarding). A prototype based on tun > devices shouldn't be too hard to put together. Basically, you'd want > to pick one of your links based on destination address and optionally > the port pair. An idea on how you would do pseudo load-balancing, would be: ipfw add 500 divert natd1 ip from $NET to 0.0.0.0/1 out via $DSL_INT#1 ipfw add 500 divert natd1 ip from 0.0.0.0/1 to any in via $DSL_INT#1 ipfw add 250 fwd $DSL-2 ip from $NET to 128.0.0.0/1 out via $DSL_INT#1 ipfw add 550 divert natd2 ip from any to any via $DSL_INT#2 Where: - $DSL_INT#1 is the default gateway interface. - $DSL_INT#2 is the interface of the second dsl Service - $DSL-2 is the IP of the gateway to the second dsl Service - $NET is your local network IP subnet. What the above is doing is sending anything from 1-127.X.X.X out dsl service 1 and sending 128-256.X.X.X out dsl service 2. It's not the best way to do it because more traffic may be going to the lower or upper X.X.X.X in which case it would not be symmetrical load balancing. I would be interested to see some measurements to see how this works for people. PS. I don't know if the above will work, but the firewall rules seem to imply it would....haven't tested it though. Nick Rogness <nick@rogness.net> - Keep on Routing in a Free World... "FreeBSD: The Power to Serve!" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0112071350080.4544-100000>