[LARTC] Load Balance and SNAT problem.

Patrick Brandão contato at patrick.eti.br
Tue Jun 26 17:04:56 CEST 2007 

Try this algol:

MANGLE:
1 - restore mark
2 - accept mark 1
     accept mark 2
3 - random mark 1 ou 2
4 - save mark

NAT
5 - SNAT per interface.

Att,
Patrick Brandão

----- Original Message ----- 
From: "Grant Taylor" <gtaylor at riverviewtech.net>
To: "Mail List - Linux Advanced Routing and Traffic Control" 
<lartc at mailman.ds9a.nl>
Sent: Tuesday, June 26, 2007 11:37 AM
Subject: Re: [LARTC] Load Balance and SNAT problem.


> On 06/26/07 01:46, Peter Rabbitson wrote:
>> This is a bad bad advice in this day and age.
>
> I think that is a bit of a bold statement.  You are free to have your 
> opinion on what is better for you, as am I.
>
>> If there are not enough users route caching will kill him. Here is a 
>> recent discussion of this:
>> http://marc.info/?l=lartc&m=117912699505681&w=2
>
> Um, I just read this discussion and I have a few issues with it.
>
> First and foremost:  It did not cover the reason "... route caching will 
> kill ..." to my satisfaction like you indicated.
>
> Second:  It relies on user space processes to alter and maintain things. 
> Thus if for some reason these processes do not run or do not do so in a 
> timely manner, they may not function correctly.
>
> Third:  You are altering the way a running kernel is operating from user 
> space, not letting the kernel maintain its self.
>
> Fourth:  Occam's Razor dictates the use of the simpler and equally 
> effective (equality is debatable) method to achieve the same result.
>
> Though the method you site has potential, I think there is just as much 
> room for improvement as there is in the method that I suggested.  Each 
> method has its pros and cons.
>
>> P.S. I am not insisting that netfilter is superior in this regard, I am 
>> simply expressing common requirements and looking into ways of achieving 
>> them.  If someone can point me to how to do this with kernel routes - I 
>> am all ears, since I recognize that the netfilter solution is not very 
>> elegant, although it works.
>
> By your own statement, you are indicating that both methods leave 
> something to be desired.
>
>
>
> Grant. . . .
> _______________________________________________
> LARTC mailing list
> LARTC at mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>

More information about the LARTC mailing list