On Thu, Jul 22, 2010 at 2:56 PM, Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote: > > lvs seems not very SMP friendly and a bit complex. > > I would use an iptables setup and a slighly modified REDIRECT target > (and/or a nf_nat_setup_info() change) > > Say you have 8 daemons listening on different ports (1000 to 1007) > > iptables -t nat -A PREROUTING -p tcp --dport 1234 -j REDIRECT --rxhash-dist --to-port 1000-1007 > > rxhash would be provided by RPS on recent kernels or locally computed if > not already provided by core network (or old kernel) > > This rule would be triggered only at connection establishment. > conntracking take care of following packets and is SMP friendly. > > I think maybe REDIRECT is enough. If the public port is one of the real ports, you need to append "random" option to iptables target REDIRECT. If not, "REDIRECT --to-ports 1000-1007" is good enough, and the destination port will be selected in the round-robin manner. -- Regards, Changli Gao(xiaosuo@xxxxxxxxx) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
