On Fri, 2002-11-22 at 04:39, Andreas Hasenack wrote:
> On Thu, Nov 21, 2002 at 04:24:06PM -0800, William L. Thomson Jr. wrote:
> > But I have been informed I believe by Julian and others that the load
> > balancing, multipath equalize feature can be used even without NAT but
> > in a different situation than mine?
>
> I'm confused as well. Suppose you have two links to the internet, a DMZ,
> and an internal network, SNAT'ed. Suppose you have a public web server
> in the DMZ (the DMZ is not SNAT'ed).
>
> How would multipath route (with or without equalize) help here? I mean,
> it would only really help if there were connections starting from
> the inside (DMZ or SNAT'ed network) to the outside. But:

Exactly

> - the internal network would probably do many downloads, and not uploads

In this case the multipath will help out, splitting the downloads over
the different interfaces. This way all lines will be used for downloads,
although the actual load will not be equal on all lines, as previously
mentioned. But depending on the amount of routes and weights, the
requests/lookups will be properly balanced.

> - the web server doesn't originate traffic, it responds to requests from
> the outside world, and it will respond using the same link the request
> came in (or not?)

This is why I kept saying that you have to load balance from the outside
in and the inside out. Inside out was above using multipath.

Outside in is load balanced using DNS. Bind allows you to specify
multiple IPs for a domain, and a similar weight value. So you can load
balance DNS lookups.

In my case where everything is even I have two Public IPs for each
server in my DNS records. Do a dig on my domain. You will get two IPs,
and each time a DNS lookup occurs you should get one or the other. In
theory every other request gets a different IP.

So Bind is trying to load balance things from the outside world. But
depending on a lot of different variables, the client could end up doing
another lookup or using an interface out of the load balancing order.

So it's not perfect. But to complete the load balancing scenario it's
absolutely necessary. Otherwise there is no way to load balance from the
outside world without your ISP providing a service or using something
like BGP.

So load balancing inside out is done via multipath equalize, and load
balancing from the outside in is done via DNS, in my case BIND.

-- 
Sincerely,
William L. Thomson Jr.
Support Group
Obsidian-Studios Inc.
439 Amber Way
Petaluma, Ca. 94952
Phone 707.766.9509
Fax 707.766.8989
http://www.obsidian-studios.com
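
The two directions described in this message, as an added example that is not part of the original post: a script that takes one constructed table of uplinks and prints the multipath default route for inside-out traffic and one A record per link for outside-in lookups. The device names, RFC 5737 documentation addresses, the host name `www` and the use of `ip route replace` are assumptions; the script only prints configuration and changes nothing on the host.

```shell
#!/bin/sh
# Constructed link table, one uplink per line:
#   device  gateway  weight  public-IP-of-the-server-on-that-link
# Addresses are documentation ranges, not values from the post.
LINKS='eth1 192.0.2.1 1 192.0.2.10
eth2 198.51.100.1 1 198.51.100.10'

# Inside-out: one default route with a nexthop per uplink.
# Prints the command instead of running it so it can be reviewed first.
multipath_cmd() {
    cmd='ip route replace default equalize'
    while read -r dev gw weight _pub; do
        [ -n "$dev" ] || continue            # skip blank lines
        case $weight in
            ''|*[!0-9]*|0)
                echo "bad weight for $dev: '$weight'" >&2
                return 1 ;;
        esac
        cmd="$cmd nexthop via $gw dev $dev weight $weight"
    done <<EOF
$1
EOF
    printf '%s\n' "$cmd"
}

# Outside-in: one A record per uplink for the same name, so the name
# server hands out both addresses and clients spread across the links.
zone_records() {
    name=$1
    while read -r _dev _gw _weight pub; do
        [ -n "$pub" ] || continue
        printf '%s\tIN\tA\t%s\n' "$name" "$pub"
    done <<EOF
$2
EOF
}

echo '# inside-out (run as root on the router):'
multipath_cmd "$LINKS"
echo '# outside-in (zone file fragment):'
zone_records www "$LINKS"
```
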