Grant Taylor wrote:
On 6/27/2007 12:54 AM, Peter Rabbitson wrote:
I am actually simply jealous that some people apparently get it to
work in-kernel, and I can't seem to.
Ah, so the truth comes out. ;)
Hehe
My requirements are pretty simple:
o As transparent as possible DGD, that can detect 2nd and 3rd hop
failures
Think about what you just asked for. "Dead Gateway Detection" is used
to detect dead (upstream) (default) gateway(s). Rather it is not meant
to detect dead routes beyond your gateway(s). To do this you will need
some sort of utility to monitor things for you. I.e. you will not be
able to get the kernel to detect that a gateway is good for some things
but not for others. Actually if you stop to think about it, this is
beyond the scope of what the kernel should do. This is more the scope
of a routing protocol and / or a route management daemon.
In short, use something to test reachability to destinations and use ip
rules to choose routing tables accordingly. I.e. have a default routing
table that will try to use any / all interfaces routes and have
alternative routing tables that will try fewer interfaces / routes.
This is the most fragile part of my current setup. And DGD based on
packet counts IMO is an extremely simple thing to do, I discussed it
recently with you. If something like this was present in-kernel the
world would be a better place.
o Robust load balancing - connections are distributed over all
available links, regardless of source and destination, with the
possibility of assigning relative channel priorities
I think this is close to being possible depending on your scenario (NAT
or not) and a few other things.
It was my understanding that equal cost multi path routing was supposed
to accomplish this very thing. I.e. if you had globally routable IP
addresses behind the router, you could send traffic out either link,
hopefully in such a fashion as to (hopefully) fully utilize all links.
ECMP does include weight options to assign ratios to routes.
For globally routable addresses it doesn't really matter, because you
can not usually detect it (things still work).
What you have proposed with load balancing via Netfilter should be able
to achieve this without any problems. Or at least I would think such.
It actually does work in production for quite some time now. But as said
before - it is ugly and fragile.
I understand that we are coming from different environments, but I still
think that my figure of 90% is rather accurate. If you can afford not to
do NAT, it means that most likely you also have access to the ISP's dynamic
routing protocols as well, and the entire discussion becomes pointless.
On the contrary if you run NAT, most likely you are a poor-mans-ISP or
smaller, running off two consumer DSL links, and all of the above applies.
Either way I rest my case here, as we are comparing apples to dinosaurs,
and went too far OT :)
Peter
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
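
The approach described in the thread (test reachability to destinations beyond the gateway from userspace, then rewrite the weighted multipath default route) could look like the sketch below. It is an added example, not code from either poster; the interface names, addresses (documentation ranges) and function names are constructed, and it assumes per-link source-based `ip rule` entries already exist so that a ping bound to a device leaves through that link.

```shell
#!/bin/sh
# Added example: userspace dead-path check that rebuilds the multipath default.
# Constructed sample values; one link per line: "dev gateway weight far-target".
# far-target is a host beyond the ISP gateway (2nd/3rd hop or further).
LINKS="eth1 192.0.2.1 2 198.51.100.10
eth2 203.0.113.1 1 198.51.100.20"

# probe DEV TARGET: succeeds if at least one of three pings sent out
# through DEV is answered. Assumes per-link policy routing is in place.
probe() {
    ping -c 3 -W 2 -q -I "$1" "$2" </dev/null >/dev/null 2>&1
}

# check_links: probe every link and print "dev gateway weight state".
check_links() {
    echo "$LINKS" | while read -r dev gw weight target; do
        if probe "$dev" "$target"; then state=up; else state=down; fi
        echo "$dev $gw $weight $state"
    done
}

# build_route: read "dev gateway weight state" lines on stdin and print the
# "ip route" command that keeps only the links whose state is "up".
# Prints nothing and returns 1 when every link is down, so the caller
# leaves the existing routes alone instead of deleting the default.
build_route() {
    hops=""
    count=0
    while read -r dev gw weight state; do
        [ "$state" = up ] || continue
        hops="$hops nexthop via $gw dev $dev weight $weight"
        count=$((count + 1))
    done
    [ "$count" -gt 0 ] || return 1
    echo "ip route replace default scope global$hops"
}

# One pass, only when called as "<script> apply" (as root, e.g. from cron).
if [ "${1:-}" = apply ]; then
    cmd=$(check_links | build_route) && $cmd
fi
```

Established NATed connections on a link that goes down still break; this only steers new connections away from it.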