Hi, fellow LARTC members, I have some questions about Linux load balancing which I hope nobody will mind me asking here. We're using Linux firewalls in an application which requires load balancing across multiple connections (e.g. ISDN PPP links, ADSL, VPNs). I'm trying to figure out how to achieve this at the moment. We already have a working solution using the TEQL scheduler, but it doesn't do everything we want: you can only specify one gateway, which makes it less useful for links over ethernet (e.g. multiple ADSL routers). I'm also not sure how to adjust the weighting of the various devices: I tried attaching the teql0 scheduler to a leaf class of an HTB scheduler with a low rate, but it doesn't seem to work according to iptraf, and even the counters on the class never get incremented. So, I'm looking at doing this with the kernel's multipath routing option (CONFIG_IP_ROUTE_MULTIPATH). So far I've been able to configure a route with multiple nexthops as described in the "ip" tool documentation: ip route add default equalize \ nexthop via 10.0.0.2 \ nexthop via 10.0.0.2 dev eth3 \ nexthop via 192.168.3.254 dev eth1 \ nexthop via 192.168.3.254 dev eth4 The reason for repeating the first nexthop is that the first route is always marked as dead for some reason. None of the others get marked dead for me, and I can't figure out why it's happening, but if I add a dummy route before the real ones then it seems to work. Anyway, it does what I think it's supposed to, which is choose one route at random _and cache it for that destination address_. However, this is not an ideal property of a load balancer. Ideally each packet would be routed out through a separate connection. So my questions to you all are: - Is there a simple way to do this with iproute2 as it stands, or with some other method (apart from TEQL) which I missed? - If not, can anyone point me to an explanation of how the routing code caches and retrieves routes, so that I can disable the route caching? (I know this is probably not a good idea for performance) - Is there any documentation of the kernel routing code, e.g. the path taken by a packet through that code? (LARTC howto doesn't seem to cover it, nor Stef's docum.org, nor Google searches). - If this documentation isn't available, would anyone be interested in me writing some, and would anyone mind if I send the requisite questions to this list? Cheers, Chris. -- ___ __ _ / __// / ,__(_)_ | Chris Wilson -- UNIX Firewall Lead Developer | / (_ / ,\/ _/ /_ \ | NetServers.co.uk http://www.netservers.co.uk | \ _//_/_/_//_/___/ | 21 Signet Court, Cambridge, UK. 01223 576516 |
