LARTC

Re: [LARTC] Split access, load balancing AND forwarding: HOW?

To: <lartc@mailman.ds9a.nl>
Subject: Re: [LARTC] Split access, load balancing AND forwarding: HOW?
From: "Ming-Ching Tiew" <mingching.tiew@redtone.com>
Date: Sat, 24 Feb 2007 07:59:53 +0800
From: "Alex Samad" <alex@samad.com.au>

> hi
>
> sorry missed the previous bits of the thread, could you post the relevant info,
> interested to see how this works and why you would pick it over the multipath
> method

Please note my checking of marked traffic is not (according to the earlier posts)

> iptables -t mangle .... -m mark  --mark ! 0 -j ACCEPT

However, it is :-

> iptables -t mangle  .... -m mark  ! --mark  0 -j ACCEPT

I leave it to you guys to decide which is the correct syntax.

The code below is taken from part of my bigger code :-

Cheers.
---------------------code-------------------------------------------

LINK1_MARK=5
LINK2_MARK=7
OUTSIDE_DEV2_WEIGHT=0.5  # probability that a new outbound flow is assigned to link2
INSIDE_DEVICE=eth0
OUTSIDE_DEVICE=eth1
OUTSIDE_DEVICE2=eth2

SAVEMARK="-m mark ! --mark 0 -j CONNMARK --save-mark"
ACCEPTMARK="-m mark ! --mark 0 -j ACCEPT"
SETMARK1="-j MARK --set-mark ${LINK1_MARK}"
SETMARK2="-j MARK --set-mark ${LINK2_MARK}"
#
#first, restore and accept the mark if there is any
iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
iptables -t mangle -A PREROUTING ${ACCEPTMARK}
#handle inbound for link1
iptables -t mangle -A PREROUTING -i ${OUTSIDE_DEVICE} ${SETMARK1}
iptables -t mangle -A PREROUTING -i ${OUTSIDE_DEVICE} ${SAVEMARK}
iptables -t mangle -A PREROUTING ${ACCEPTMARK}
#handle inbound for link2
iptables -t mangle -A PREROUTING -i ${OUTSIDE_DEVICE2} ${SETMARK2}
iptables -t mangle -A PREROUTING -i ${OUTSIDE_DEVICE2} ${SAVEMARK}
iptables -t mangle -A PREROUTING ${ACCEPTMARK}

# (other features implementation snipped )

#handle recent outbound: a source seen on a link within the last 300 seconds stays on it
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} -m recent --name link1 \
  --update --seconds 300 ${SETMARK1}
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} -m recent --name link2 \
  --update --seconds 300 ${SETMARK2}
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} ${SAVEMARK}
iptables -t mangle -A PREROUTING ${ACCEPTMARK}
#
#non-recent outbound randomly allocated
#
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} \
  -m statistic --mode random --probability ${OUTSIDE_DEV2_WEIGHT} \
  -m recent --name link2 --set ${SETMARK2}
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} ${SAVEMARK}
iptables -t mangle -A PREROUTING ${ACCEPTMARK}
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} \
  -m recent --name link1 --set ${SETMARK1}
iptables -t mangle -A PREROUTING -i ${INSIDE_DEVICE} ${SAVEMARK}
iptables -t mangle -A PREROUTING ${ACCEPTMARK}
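
Added example, not part of the original post: a small Python model of the PREROUTING chain above, showing how the restored connmark, the two `recent` lists with their 300-second window, and the random pick interact. The `Router` class, the connection ids and the IP addresses are constructed for illustration; this is a toy model, not netfilter.

```python
import random

LINK1_MARK, LINK2_MARK, STICKY_SECONDS = 5, 7, 300

class Router:
    """Toy model of the post's mangle PREROUTING chain (not real netfilter)."""
    def __init__(self, link2_weight=0.5, seed=None):
        self.connmark = {}                         # connection id -> saved CONNMARK
        self.recent = {"link1": {}, "link2": {}}   # list -> {source IP: last seen}
        self.weight = link2_weight                 # probability of choosing link2
        self.rng = random.Random(seed)

    def _update(self, name, src, now):
        """-m recent --name NAME --update with a 300 s window (refreshes on match)."""
        seen = self.recent[name].get(src)
        if seen is None or now - seen >= STICKY_SECONDS:
            return False
        self.recent[name][src] = now
        return True

    def prerouting(self, conn, iface, src, now):
        """Return the fwmark one packet leaves the chain with."""
        mark = self.connmark.get(conn, 0)          # CONNMARK --restore-mark
        if mark:                                   # ACCEPTMARK: already decided
            return mark
        if iface == "eth1":                        # new inbound flow on link1
            mark = LINK1_MARK
        elif iface == "eth2":                      # new inbound flow on link2
            mark = LINK2_MARK
        else:                                      # new outbound flow from eth0
            if self._update("link1", src, now):
                mark = LINK1_MARK
            if self._update("link2", src, now):
                mark = LINK2_MARK
            if not mark:                           # no recent entry: pick a link
                pick2 = self.rng.random() < self.weight    # -m statistic
                name, mark = ("link2", LINK2_MARK) if pick2 else ("link1", LINK1_MARK)
                self.recent[name][src] = now       # -m recent --set
        self.connmark[conn] = mark                 # SAVEMARK
        return mark

def demo():
    """Constructed traffic: one LAN host (192.168.0.10) opening connections."""
    r, host = Router(link2_weight=1.0), "192.168.0.10"  # first pick forced to link2
    marks = [r.prerouting("c1", "eth0", host, now=0)]
    r.weight = 0.0                                 # any later pick would be link1
    for conn, now in (("c2", 100), ("c3", 500), ("c1", 501)):  # sticky, expired, restored
        marks.append(r.prerouting(conn, "eth0", host, now))
    return marks
```

`demo()` returns `[7, 7, 5, 7]`: the host stays on link2 while it opens new connections inside the window, is re-assigned once the window lapses, and later packets of the first connection keep their saved mark.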



