On Wed, 25 Jul 2007 23:36:54 -0600
"Jan Mulders" <[EMAIL PROTECTED]> wrote:
> >From the looks of these two programs, they seem to 'round robin'
> >outgoing
> TCP requests over multiple links - I believe most iptables frontends
> (I know Shorewall does out of the box) allow you to round-robin
> outgoing connections over multiple different source IP addresses when
> masquerading using NAT, which is usually functionally identical to
> what these two do, if I am not mistaken?
I'm afraid yes Jan, because it isn't enough to round-robin
connections, but to make sure that if a single client opens, for
example, 5 connections, it will be split thru the available links,
agregating bandwidth. I think that it's impossible to do this just with
iptables. Even multipath (using the above example) would just put all
the 5 connections on a single link :(.
> I'm also interested to hear of related projects: I use OpenVPN to
> provide a tunneling VPN to my users, and have lots of problems with
> insufficient throughput over TCP, even when more bandwidth is
> available. My main goal is to try and split TCP streams into multiple
> streams, then reassemble them at the other end - this seems to be
> something neither of the above are intended to do.
Mayeb some kind of bonding, but the problem is that the 2
points of your VPN aren't directly connected, otherwise you could use
Bonding or TEQL. There's EQL for serial links, but you'd have to
install it on both ends...
--
Linux 2.6.22: Holy Dancing Manatees, Batman!
http://www.lastfm.pt/user/danielfraga
http://u-br.net
Cranberries - "I Will Always" (Everybody Else Is Doing It, So Why Can't
We? - 1993)
_______________________________________________
LARTC mailing list
[email protected]
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
