[Shorewall-users] load balance only from one host

Fri, 04 Sep 2015 05:55:45 -0700 

Hi,

I'm trying to understand how to correctly configure load balancing and 
policy-based routing within shorewall.

I have the typical local (lan) and internet (wan) zones.

I also have 2 "providers" (not ISPs, just remote private networks) as defined 
here:

CAIB    1       1       -       $IF_CAIB        $ADDR_GW_CAIB   loose,track
IBS     2       2       -       $IF_IBS         $ADDR_GW_IBS    loose,track

My "main" routing table contains rules such as:

10.215.224.0/20 via $ADDR_GW_CAIB dev $IF_CAIB

I also defined this in "rtrules":

10.215.247.194          10.215.236.221          IBS             300

So if I do a traceroute from 10.215.247.194 to 10.215.236.221 then the packets 
are going out $IF_IBS as expected.
Any other source to that destination goes out $IF_CAIB.

However, now I'd like to do something else. I'd like to load balance outgoing 
traffic from source IP 10.215.247.194 ONLY to both CAIB and IBS providers.
In other words, destination IP 10.215.236.221 is accessible via both providers 
CAIB and IBS, with connection tracking on the destination router.

How can I configure shorewall to load-balance connections from 10.215.247.194 
to 10.215.236.221 via CAIB and IBS providers?

My first guess would be to remove the above "rtrules" entry and add the 
following to the "providers" file:

CAIB    1       1       -       $IF_CAIB        $ADDR_GW_CAIB   
loose,track,balance
IBS     2       2       -       $IF_IBS         $ADDR_GW_IBS    
loose,track,balance

However, this should load balance all connections, not JUST connections with 
source IP 10.215.247.194, right?
Again, is it possible to load-balance from only one source IP address?

Also, how can I correctly configure the routing tables?
Given the above example, should I remove 10.215.224.0/20 from the "main" 
routing table and add the following to "routes"?

CAIB                    10.215.224.0/20         $ADDR_GW_CAIB   $IF_CAIB
IBS                     10.215.224.0/20         $ADDR_GW_IBS    $IF_IBS

Please find attached shorewall dump.

Thanks,

Vieri

Attachment: dump.gz
Description: application/gzip

------------------------------------------------------------------------------

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to