Re: [LARTC] Load Balance and SNAT problem.

To:	lartc@mailman.ds9a.nl
Subject:	Re: [LARTC] Load Balance and SNAT problem.
From:	"John Chang" <mofish@gmail.com>
Date:	Tue, 26 Jun 2007 19:36:50 +0800
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	lartc-list@securepoint.com
Delivered-to:	lartc@outpost.ds9a.nl
Dkim-signature:	a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=FPa4srHet17J+gokx0a0WN5SHO7tJL51v8McgxfkXNi+pDkwQSuARz/ooYzDD75Dk70s2yFCJPJqQlUWwOkUkLwLjMep6OgbeEQ1ePbTZK3+Gj/2VydVstwx/E2UFyopaAxAxmSHYamYMm5Ud8yVP2Y7qiq0l9mJPSr4IE3T2Z8=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=TpeC7ArHPwALxqOLEuXycqgIZUlsej/7sMuOzxYl9Davze8kG1sFLs5WT8ULBoRQRscqzCzfIfVr2c84B8riAgwK3HVbAKb2muM14FrrS+8hgkmMPQguXFHCLkssylW02ZaRWxEKxSsnbhdQE/S3W4SPxv6dQZuJdYPD1ryTCRs=
List-archive:	<http://mailman.ds9a.nl/pipermail/lartc>
List-help:	<mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id:	"Mailinglist of the Linux Advanced Routing & Traffic Control project" <lartc.mailman.ds9a.nl>
List-post:	<mailto:lartc@mailman.ds9a.nl>
List-subscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
Sender:	lartc-bounces@mailman.ds9a.nl

Thanks for your advices.

Currently my test scripts will make both WAN connections break, when I unplug one WAN connection.

So I can not implement the fail-over mechanism.

My original idea is to mark all packets as 1 when connection WAN2 breaks or mark all packets as 2 when connection WAN1 breaks.

But now one connection breaks will make both connections break.

I could not identify which connection breaks? It is weird. ><"

------------------------------------------------------------------------------------------------------

Grant Taylor wrote:
>
>> Could you give me a suggestion?
>> Thanks.
>
> Do not use this method to load balance. Look in to Equal Cost Multi
> Path (a.k.a. ECMP) routing and specifying multiple default gateways on
> one route command. The kernel should try to load balance across the
> multiple default gateways for you while maintaining connections.
>

This is a bad bad advice in this day and age. If there are not enough
users route caching will kill him. Here is a recent discussion of this:
http://marc.info/?l=lartc&m=117912699505681&w=2

HTH

Peter

P.S. I am not insisting that netfilter is superior in this regard, I am
simply expressing common requirements and looking into ways of achieving
them. If someone can point me to how to do this with kernel routes - I
am all ears, since I recognize that the netfilter solution is not very
elegant, although it works.

_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

<Prev in Thread]	Current Thread	[Next in Thread>
[LARTC] Load Balance and SNAT problem., John Chang Re: [LARTC] Load Balance and SNAT problem., Grant Taylor Re: [LARTC] Load Balance and SNAT problem., Peter Rabbitson Re: [LARTC] Load Balance and SNAT problem., Grant Taylor Re: [LARTC] Load Balance and SNAT problem., VladSun Re: [LARTC] Load Balance and SNAT problem., John Chang <=

Previous by Date:	Re: [LARTC] Load Balance and SNAT problem., Peter Rabbitson
Next by Date:	Re: [LARTC] Load Balance and SNAT problem., Grant Taylor
Previous by Thread:	Re: [LARTC] Load Balance and SNAT problem., VladSun
Next by Thread:	[LARTC] Using Julian Anastasov's 'routes' patches on 2.4 kernel in conjunction with IPSec, Seba Tiponut
Indexes:	[Date] [Thread] [Top] [All Lists]