On Tue, Jun 05, 2007 at 02:48:01PM +0800, Salim S I wrote: > > > -----Original Message----- > From: Luciano Ruete [mailto:luciano@xxxxxxxxxxxxx] > Sent: Saturday, June 02, 2007 11:28 AM > To: Salim S I > Cc: lartc@xxxxxxxxxxxxxxx > Subject: Re: Multihome load balancing - kernel vs netfilter > > >Is not about ego, sorry if you take this personal, it is not my > intention, >i > >speak rude because this list get heavly indexed by google, and it is > taked >as > >good advice for many answer seekers. > > > >You afirm that Linux cannot handle load balancing properly and this is > >completly WRONG and is bad advertising and a lie. > > > >Since 2.4 series has been avaible the greats julian's patchs[1], and > then >in > >2.6.12 CONNMARK has get in mainline, and with a litle of setup all > >connection > >problems related to load balancing get perfectly solved. > > > I did not say Linux can't do Load balancing (btw, my setup has Julian's > DGD patch as well as CONNMARK). But there are some limitations to the > popular methods currently used. > > 1.As Peter Rabbitson [rabbit@xxxxxxxxx] mentioned, one issue is the > separate control and data servers. He mentions AIM servers as example. > This probably can only be solved by having exception IP list. > > 2.The other situation, and the one I am more concerned, is about > different connections which belongs to same session. > > Consider Client X and Server Y. > > Client X initiates a connection from port a to port b of server Y. > > Xa <---> Yb This connection goes through WAN1. > > After sometime, X opens another connection to Y from port c to port d. > > Xc <---> Yd This is a perfectly new TCP connection, so it may go > through WAN2 > > (Note that the client is NATed, and that no CONNTRACK exist for this > app) > > The server may reject the second and subsequent connections as it comes > in with a different source IP than the first. > > This situation happens often in IM and Gaming scenarios. Some sort of IP > persistence is required to handle this. And I was wondering if recent > match would solve this to an extent, without affecting performance. Or > if there are some other method available. (Note that I can't depend much > on cache). Are all of these idioms of each method documented in the wiki ? So what is the preferred method going forward ? > > > > > _______________________________________________ > LARTC mailing list > LARTC@xxxxxxxxxxxxxxx > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
