Try this algol:
MANGLE:
1 - restore mark
2 - accept mark 1
accept mark 2
3 - random mark 1 ou 2
4 - save mark
NAT
5 - SNAT per interface.
Att,
Patrick Brandão
----- Original Message -----
From: "Grant Taylor" <gtaylor@xxxxxxxxxxxxxxxxx>
To: "Mail List - Linux Advanced Routing and Traffic Control"
<lartc@xxxxxxxxxxxxxxx>
Sent: Tuesday, June 26, 2007 11:37 AM
Subject: Re: Load Balance and SNAT problem.
On 06/26/07 01:46, Peter Rabbitson wrote:
This is a bad bad advice in this day and age.
I think that is a bit of a bold statement. You are free to have your
opinion on what is better for you, as am I.
If there are not enough users route caching will kill him. Here is a
recent discussion of this:
http://marc.info/?l=lartc&m=117912699505681&w=2
Um, I just read this discussion and I have a few issues with it.
First and foremost: It did not cover the reason "... route caching will
kill ..." to my satisfaction like you indicated.
Second: It relies on user space processes to alter and maintain things.
Thus if for some reason these processes do not run or do not do so in a
timely manner, they may not function correctly.
Third: You are altering the way a running kernel is operating from user
space, not letting the kernel maintain its self.
Fourth: Occam's Razor dictates the use of the simpler and equally
effective (equality is debatable) method to achieve the same result.
Though the method you site has potential, I think there is just as much
room for improvement as there is in the method that I suggested. Each
method has its pros and cons.
P.S. I am not insisting that netfilter is superior in this regard, I am
simply expressing common requirements and looking into ways of achieving
them. If someone can point me to how to do this with kernel routes - I
am all ears, since I recognize that the netfilter solution is not very
elegant, although it works.
By your own statement, you are indicating that both methods leave
something to be desired.
Grant. . . .
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc