Re: Loadbalance outgoing traffic over two cable modems in same network
On 22/12/2009 00:46, Mel Flynn wrote: On Monday 21 December 2009 09:56:11 Nikos Vassiliadis wrote: On 12/21/2009 6:03 AM, Mel Flynn wrote: Hi, I've looked over http://www.openbsd.org/faq/pf/pools.html but this assumes two different gateways for the two interfaces. I'm faced with two cable modems from the same ISP, with the same gateway. I can't lagg(4) the interfaces, since specific IP's are bound to specific modems. This can probably be fixed from the ISP side. It should probably be some antispoofing rule that drops the packets you are sending via the wrong interface. You could try communicating the problem to the ISP and hope for the best... I'd rather not go that route. However, I might ask the ISP to move swap two IP's, so that I have two consecutive IPs on two modems and can use /31 notation for the pool. Source hash should then work better. So I'm wondering if using stick-address with a round-robin nat pool is really sufficient to do load balancing of outgoing traffic and not get into session problems with various protocols. Has anybody had similar experiences? I have no experience on this, but theoretically a state can expire while the upper layers are still active... so, I *think* you may have problems... Of course, you could increase the lifetime of states True, I'm mostly worried about DNS queries and other UDP protocols. TCP should theoretically be fine. Thanks for your feedback. Would ECMP (aka RADIX_MPATH) not be suitable for your requirements ?? 2 default routes, one to each of the modems IP's ... that should start bunting traffic down both pipes. Works for me here... = Equal cost multipath routing Status: Committed to 8-CURRENT Will appear in 8.0: sure Authors: Qing Li Web: commit message ECMP routing allows for multiple routes to be handled by the kernel, including default routes. It potentially offers substantial increases in bandwidth by load-balancing traffic over multiple paths. = http://en.wikipedia.org/wiki/Equal-cost_multi-path_routing http://lists.freebsd.org/pipermail/cvs-src/2008-April/089956.html /Craig B ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Loadbalance outgoing traffic over two cable modems in same network
On Tuesday 22 December 2009 02:48:58 Craig Butler wrote: On 22/12/2009 00:46, Mel Flynn wrote: On Monday 21 December 2009 09:56:11 Nikos Vassiliadis wrote: On 12/21/2009 6:03 AM, Mel Flynn wrote: Hi, I've looked over http://www.openbsd.org/faq/pf/pools.html but this assumes two different gateways for the two interfaces. I'm faced with two cable modems from the same ISP, with the same gateway. I can't lagg(4) the interfaces, since specific IP's are bound to specific modems. This can probably be fixed from the ISP side. It should probably be some antispoofing rule that drops the packets you are sending via the wrong interface. You could try communicating the problem to the ISP and hope for the best... I'd rather not go that route. However, I might ask the ISP to move swap two IP's, so that I have two consecutive IPs on two modems and can use /31 notation for the pool. Source hash should then work better. So I'm wondering if using stick-address with a round-robin nat pool is really sufficient to do load balancing of outgoing traffic and not get into session problems with various protocols. Has anybody had similar experiences? I have no experience on this, but theoretically a state can expire while the upper layers are still active... so, I *think* you may have problems... Of course, you could increase the lifetime of states True, I'm mostly worried about DNS queries and other UDP protocols. TCP should theoretically be fine. Thanks for your feedback. Would ECMP (aka RADIX_MPATH) not be suitable for your requirements ?? 2 default routes, one to each of the modems IP's ... that should start bunting traffic down both pipes. Works for me here... = Equal cost multipath routing Status: Committed to 8-CURRENT Will appear in 8.0: sure Authors: Qing Li Web: commit message ECMP routing allows for multiple routes to be handled by the kernel, including default routes. It potentially offers substantial increases in bandwidth by load-balancing traffic over multiple paths. = http://en.wikipedia.org/wiki/Equal-cost_multi-path_routing http://lists.freebsd.org/pipermail/cvs-src/2008-April/089956.html Thanks for the pointers, I'll look into this. It's a little more complicated, there's 16 total IP's. 2 of which are gonna be used for LAN translations. The other 14 are eventually going to be used by DMZ services, so I'm not sure if it's solvable at the routing level, as the incoming traffic needs to go out the same way, not through the 2 LAN IP's. -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Loadbalance outgoing traffic over two cable modems in same network
On Monday 21 December 2009 09:56:11 Nikos Vassiliadis wrote: On 12/21/2009 6:03 AM, Mel Flynn wrote: Hi, I've looked over http://www.openbsd.org/faq/pf/pools.html but this assumes two different gateways for the two interfaces. I'm faced with two cable modems from the same ISP, with the same gateway. I can't lagg(4) the interfaces, since specific IP's are bound to specific modems. This can probably be fixed from the ISP side. It should probably be some antispoofing rule that drops the packets you are sending via the wrong interface. You could try communicating the problem to the ISP and hope for the best... I'd rather not go that route. However, I might ask the ISP to move swap two IP's, so that I have two consecutive IPs on two modems and can use /31 notation for the pool. Source hash should then work better. So I'm wondering if using stick-address with a round-robin nat pool is really sufficient to do load balancing of outgoing traffic and not get into session problems with various protocols. Has anybody had similar experiences? I have no experience on this, but theoretically a state can expire while the upper layers are still active... so, I *think* you may have problems... Of course, you could increase the lifetime of states True, I'm mostly worried about DNS queries and other UDP protocols. TCP should theoretically be fine. Thanks for your feedback. -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Loadbalance outgoing traffic over two cable modems in same network
On 12/21/2009 6:03 AM, Mel Flynn wrote: Hi, I've looked over http://www.openbsd.org/faq/pf/pools.html but this assumes two different gateways for the two interfaces. I'm faced with two cable modems from the same ISP, with the same gateway. I can't lagg(4) the interfaces, since specific IP's are bound to specific modems. This can probably be fixed from the ISP side. It should probably be some antispoofing rule that drops the packets you are sending via the wrong interface. You could try communicating the problem to the ISP and hope for the best... So I'm wondering if using stick-address with a round-robin nat pool is really sufficient to do load balancing of outgoing traffic and not get into session problems with various protocols. Has anybody had similar experiences? I have no experience on this, but theoretically a state can expire while the upper layers are still active... so, I *think* you may have problems... Of course, you could increase the lifetime of states A few, mostly random thoughts, Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
