Thank you Andy for your Return. I haven't made available in my environment product yet. well.... the link made available for you shows how to do load balance with connmark and statistic match module and it doesn't regard global equalize. so...I wonder there is diferent between them ? with global equalize is very easy I only insert one line inside of the script and all it's work! at least in my test environment it's working. I want make an test as your how to but I'm using CentOS 5.6 and doesn't has libxt_statistic.so module because iptables version is 1.3.x thank Em 15 de maio de 2011 14:23, Andrew Beverley <andy@xxxxxxxxxxx> escreveu: > On Sun, 2011-04-17 at 20:22 -0300, Usuário do Sistema wrote: >> Hello everyone, I'm deploy an test environment with load Balance in my >> Firewall using equalize as follow below >> >> >> I have two ISPs and one Inside network. >> >> creating the load balance: >> >> ip route add default scope global equalize nexthop via 200.247.209.65 >> weight 1 nexthop via 201.72.12.1 weight 1 >> >> Zeroing the ip_filter >> >> for eee in /proc/sys/net/ipv4/conf/*/rp_filter; do >> echo 0 > $eee >> done >> >> creating more one table >> >> ip route add default via 201.72.12.1 table telemar >> >> >> it's working in my environment. but I haven't done available in my >> production environment. >> > > Do you mean it doesn't work in your production environment? > >> my question is: there is more parameter ,which, I have to set ? for >> exemplo, timers. >> > > If you are using 2 completely separate ISPs, then you will need to do > more than just provide equal-weighted gateways. You will need to send > the packets for each connection over the same ISP. The website below > gives more information: > > http://www.sysresccd.org/Sysresccd-networking_en_Iptables-and-netfilter-load-balancing-using-connmark > > Andy > > > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
