Hi list,
some days ago I had some questions on relayd on Dell hardware...
This time I have a bunch of Alix boards (most of you know them, I guess --
dmesg below) that are configured like following:
- vr0 heads to the servers to load balance (CARP, carp0)
- vr1 is dedicated link for pfsync
- vr2 heads to the internet, being VLAN tagged (CARP, carp1 in this case,
lies on this VLAN)
There are (in the test setup) only two web servers, which leads to
relayd.conf:
www_ext="a.b.c.d"
web1="10.10.0.10"
web2="10.10.0.11"
#
# Global Options
interval 5
timeout 1000
# prefork 5
# Each table will be mapped to a pf table.
table <webserver> { $web1 $web2 }
redirect webserver {
listen on $www_ext port 80 sticky-address
forward to <webserver> port 80 check http "/" code 200
tag WEBSERVERS
}
---
pf.conf like following (not yet hardened, of course):
ext_if=vlan371
int_if=vr0
sync_if=vr1
set require-order no
set skip on lo
scrub in
# NAT/filter rules and anchors for relayd(8)
rdr-anchor "relayd/*"
anchor "relayd/*"
pass in # to establish keep-state
# necessary for pfsync
pass quick on $sync_if proto pfsync
pass quick proto icmp
pass in quick on $ext_if proto tcp from any to any port 80
#block in quick from urpf-failed to any # use with care
# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp from any to any port 6000
---
This is the setup. The problem now is that when I try to connect to the load
balanced IP (carp0) the redirections relayd builds work well
healthcheck-wise, the problem is that there's almost no performance -- I
only get about 2.5kbps throughput. The machine itself is idle, I don't see
interrupt problems.
Next, I checked the switches (half/full duplex problems, e.g.), carp0 sits
on a Cisco -- not problem, carp1 sits on a Netgear -- also, everything fine.
Then I tried to fetch some bigger file (1GByte in size) *to* the Alix from
both directions, the load balanced web servers (thusly, testing without VLAN
'in the way') as well as a third web server (connected via carp0, heading
upstream) pump the full 100Mbps though the Alix' vr interfaces.
So, the only thing that's left to cause the problem is my relayd and/or pf
setup, I guess.
Does anyone here have a clue what the problem might be?
Thanks in advance,
Joe
dmesg comes here:
lb-a# dmesg
OpenBSD 4.5 (GENERIC) #1749: Sat Feb 28 14:51:18 MST 2009
[email protected]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Geode(TM) Integrated Processor by AMD PCS ("AuthenticAMD" 586-class)
499 MHz
cpu0: FPU,DE,PSE,TSC,MSR,CX8,SEP,PGE,CMOV,CFLUSH,MMX
real mem = 268009472 (255MB)
avail mem = 250859520 (239MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 12/10/07, BIOS32 rev. 0 @ 0xfceb2
pcibios0 at bios0: rev 2.1 @ 0xf0000/0x10000
pcibios0: pcibios_get_intr_routing - function not supported
pcibios0: PCI IRQ Routing information unavailable.
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xe0000/0xa800
cpu0 at mainbus0: (uniprocessor)
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 1 function 0 "AMD Geode LX" rev 0x33
glxsb0 at pci0 dev 1 function 2 "AMD Geode LX Crypto" rev 0x00: RNG AES
vr0 at pci0 dev 9 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 10,
address 00:0d:b9:15:98:20
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
vr1 at pci0 dev 10 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 11,
address 00:0d:b9:15:98:21
ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
vr2 at pci0 dev 11 function 0 "VIA VT6105M RhineIII" rev 0x96: irq 12,
address 00:0d:b9:15:98:22
ukphy2 at vr2 phy 1: Generic IEEE 802.3u media interface, rev. 3: OUI
0x004063, model 0x0034
glxpcib0 at pci0 dev 15 function 0 "AMD CS5536 ISA" rev 0x03: rev 0, 32-bit
3579545Hz timer, watchdog, gpio
gpio0 at glxpcib0: 32 pins
pciide0 at pci0 dev 15 function 2 "AMD CS5536 IDE" rev 0x01: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <TRANSCEND>
wd0: 1-sector PIO, LBA, 955MB, 1957536 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
pciide0: channel 1 ignored (disabled)
ohci0 at pci0 dev 15 function 4 "AMD CS5536 USB" rev 0x02: irq 15, version
1.0, legacy support
ehci0 at pci0 dev 15 function 5 "AMD CS5536 USB" rev 0x02: irq 15
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "AMD EHCI root hub" rev 2.00/1.00 addr 1
isa0 at glxpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
usb1 at ohci0: USB revision 1.0
uhub1 at usb1 "AMD OHCI root hub" rev 1.00/1.00 addr 1
biomask e3ef netmask ffef ttymask ffff
mtrr: K6-family MTRR support (2 registers)
nvram: invalid checksum
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
clock: unknown CMOS layout
carp0: state transition: BACKUP -> MASTER
carp1: state transition: BACKUP -> MASTER
