Re: load balencing and masquerading?

From: Gregory Maxwell (greg@linuxpower.cx)
Date: Thu Feb 03 2000 - 16:49:13 EST

Next message: nathan.zook@amd.com: "RE: 64bit type printf formats..."
Previous message: Raj, Ashok: "64bit type printf formats..."
In reply to: Brent Clements: "load balencing and masquerading?"
Next in thread: IB2Funky4U: "RE: load balencing and masquerading?"
Reply: IB2Funky4U: "RE: load balencing and masquerading?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 3 Feb 2000, Brent Clements wrote:

> I was wondering if I could do the following with linux and if
> their was someone doing this currently.

Yes, it's possible, I've done some simmlar things.

I wouldn't suggest you get into it unless you want a weekend computer
science project. :)

You'll need:
* Some understanding of IP networking
* iproute (the ip command)

(more below)
> I want to setup a linux box that has 3 network cards in it...one of
> the network cards would be assigned a private ip address and the other
> two network cards would be assigned a dynamic public ip address by my
> upstream adsl provider. What I want to do is load balance between the
> two adsl links..is this possible? By Load balancing I want to be able
> download items from the internet from a workstation in my private
> network using these two "load balanced" adsl lines.

For outbound direction it's easy.

Compile your kernel with equal cost multipath, and create two default
routes. This should be fine unless your provider uses some sort of
braindead filtering (i.e. no traffic from the wrong IP)

(This might do connection outbound balencing with regular masq, as I seem
to recall it gets the masq address from the route function. I'd have to
read the code to be sure).

For inbound direction, it's A LOT harder.

Many methods:

Type A) Multibox-two-faced-nat

If there will be multiple inside computers, you could use the generic nat
in 2.2 to translate inside boxes A, B, C to address1 and inside boxes
D,E,F to address2.

Pros: Easy to setup.
Cons: Won't do much good in a lot of enviroments.

Type B) Nat to one address, squid to both addresses.

You configure your masq to direct the inside clients to one address.
You configure squid on the box. With multiple default routes, it should
randomly bind to one per each web object. (Again, would have to check
source) If not, you would need to hack squid, or run 3 copies of squid
(one child; two parents one to each address).

There are of course other ways. :)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: nathan.zook@amd.com: "RE: 64bit type printf formats..."
Previous message: Raj, Ashok: "64bit type printf formats..."
In reply to: Brent Clements: "load balencing and masquerading?"
Next in thread: IB2Funky4U: "RE: load balencing and masquerading?"
Reply: IB2Funky4U: "RE: load balencing and masquerading?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Feb 07 2000 - 21:00:10 EST