On 19/07/2023 13:31, Stuart Henderson wrote:
> On 2023-07-19, Kapetanakis Giannis <bil...@edu.physics.uoc.gr> wrote:
>> Maybe even better, can it run under relayd (redirect) on top of carp?
>
> That's just rdr-to behind the scenes, no problem with that, though if
> you want to do per IP rate limiting alongside load-balancing you might
> want "mode source-hash" rather than the default round-robin or one of
> the random options.
>
> (I wouldn't recommend sticky-address, because then you get into more
> complex paths inside PF because it has to maintain source-tracking
> information).

I don't think source tracking is that important in this case scenario. relayd will only have one host, which will be the dnsdist listening on localhost (on each load balancer). dnsdist will have whatever it can support with stickiness/source-tracking.

pf rdr-to could also be an option, but then you lose the carp demotion which relayd provides.

thanks

G