paul what were your results during your lab test? warmest regards, Chris Yarger
web: http://YargerDesigns.org skype: cpyarger msn: [email protected] aim: patyarg yahoo: christoyarg ( ) ASCII ribbon campaign X against HTML e-mail / \ On Mon, Sep 7, 2009 at 7:28 PM, chris yarger <[email protected]> wrote: > what if one of our incoming connections ip was dhcp assigned? > warmest regards, > > Chris Yarger > > web: http://YargerDesigns.org > skype: cpyarger > msn: [email protected] > aim: patyarg > yahoo: christoyarg > > > ( ) ASCII ribbon campaign > X against HTML e-mail > / \ > > > > On Sun, Aug 16, 2009 at 10:25 PM, Rubin Bennett <[email protected]> > wrote: >> On Sun, 2009-08-16 at 21:45 -0400, john bertelsen wrote: >>> Chris, I am also on the IPCop mailng list. This question has come up >>> on that list. Invariably folks say that IPCop is not designed to do >>> this and to try pfsense. >>> >>> I have been using IPCop as our home router for about two years now. >>> There is discussion about a version 2.0 coming out this fall. However, >>> I don't think load balancing is part of it. I potentially have a need >>> for load balancing at work so am starting to look into pfsense. >>> >>> John Bertelsen >> >> Chris - >> >> There are 2 parts to your question (and forgive me if I missed >> something, I looked at your diagram for a total of about 10 seconds). >> >> First part: Getting a linux box to perform outbound load balancing is >> fairly simple to accomplish; it's really a single command: >> >> ip rule add scope global nexthop {first default router IP} dev {ethx} >> weight 1 nexthop {second default router IP} dev {ethx} weight 1 >> >> That command tells the system to add a dual default route for outbound >> traffic, and assumes that the 2 connections have identical speeds (i.e. >> both connections are weighted the same). >> >> Take the following example - suppose you have a 768k/3mb DSL connection >> with a default route of 10.0.1.1, and another Cable connection with >> 2mb/20mb (gateway of 24.48.1.1). The DSL is connected to eth0, and the >> Cable is on eth1 >> >> WANIF1=eth0 >> WANGW1=10.0.1.1 >> WAN1Weight=3 >> >> WANIF2 >> WANGW2=24.48.1.1 >> WAN2Weight=20 >> >> ip route add scope global nexhop via $WANGW1 dev $WANIF1 weight \ >> $WAN1Weight nexthop via $WANGW2 dev $WANIF2 weight $WAN2Weight >> >> And done! >> >> I've done this many times and it works perfectly well as long as you're >> only dealing with traffic generated from *behind* your firewall >> (outbound)... >> >> The problem is that most of us have stuff that's coming IN to our >> networks as well (i.e. PAT) because we're running servers of some flavor >> behind our routers. Then, in addition to the above command, you're on >> the descent into hell known as Linux IP connection tracking, extra >> routing tables, packet tagging etc.. In other words, it's down the >> rabbit hole for you... LARTC is black arts, man... >> >> Full in and out-bound load balancing is something I've done with some >> success but it's a royal PIA to set up and get working, and is not >> easily 'splained in an email. However, once it's set up, it works most >> excellently! >> >> Rubin >> >> -- >> Rubin Bennett >> rbTechnologies, LLC >> 80 Carleton Boulevard >> East Montpelier, VT 05651 >> >> (802)223-4448 >> http://thatitguy.com >> >> "Think for yourselves and let others enjoy the privilege to do so too." >> Voltaire, Essay on Tolerance >> French author, humanist, rationalist, & satirist (1694 - 1778) >> >
