From owner-freebsd-stable@FreeBSD.ORG Thu Jul 10 17:26:45 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BB820BC4 for ; Thu, 10 Jul 2014 17:26:45 +0000 (UTC) Received: from mail-qg0-x235.google.com (mail-qg0-x235.google.com [IPv6:2607:f8b0:400d:c04::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7C9DC20F5 for ; Thu, 10 Jul 2014 17:26:45 +0000 (UTC) Received: by mail-qg0-f53.google.com with SMTP id i50so7928499qgf.40 for ; Thu, 10 Jul 2014 10:26:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=b0glihPhEtPiuGxcTnWy6wvstQ8o8KOEMjBkjyGqUSg=; b=QkRxrcxvYRzfBCmbGPwJ66DlkCJj5tesEbhfDd1REoQpcrbvT2dIYoaHIAJxVz9w7I m1AOHlzGBpfUkXq7JlgAY61Yn31aeTd4EkoaAk9mo6WM2JRWIYA1FG51ztaHnZWC9jgm o4e/yhXMAVWbtykD1kI1SEqMA7MmUejY/drLvtyvVn5pD+cilMOF3PVwnvhC/MOfip+Q xGMg1jMWHge2VBoiuuWctVOCuy8zAzND9hDs7uPjtgujQLejVclssvft4l57aHKdENqZ rTKESS4RMKdrOrYgyreW0SvVzpOvH8dTpx9aE7uTPQprnHB3WQiuI/5yYHwuKJiQZnJZ Dang== MIME-Version: 1.0 X-Received: by 10.140.47.48 with SMTP id l45mr77389610qga.24.1405013204589; Thu, 10 Jul 2014 10:26:44 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.224.202.193 with HTTP; Thu, 10 Jul 2014 10:26:44 -0700 (PDT) In-Reply-To: <53BE9A9F.4090700@ish.com.au> References: <53BE9A9F.4090700@ish.com.au> Date: Thu, 10 Jul 2014 10:26:44 -0700 X-Google-Sender-Auth: d9CAVxqvdtk5ecByB3WDFz7aL1g Message-ID: Subject: Re: load balancer best practices From: Adrian Chadd To: Aristedes Maniatis Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: "stable >> freebsd-stable" X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2014 17:26:45 -0000 yeah, you can search for IP_BINDANY. It's a socket option. -a On 10 July 2014 06:52, Aristedes Maniatis wrote: > With the changes in CARP as part of FreeBSD 10 I have some questions abou= t the best way to do some things. > > > 1. On a load balancer (haproxy) we might have the machine handling 100 or= 5000 IP addresses. It would be simplest to just define a /24 (or more) ran= ge on the external interface (or in CARP) but then I cannot bind to each ad= dress. > > Linux has something like net.ipv4.ip_nonlocal_bind. There appears to be n= othing similar for FreeBSD. Do I need to define a /32 and alias each addres= s? > > a. is there a cleaner way? > b. will that cause performance issues if I create many hundreds of /32 al= iases on the interface? > > > > 2. If I need to define a large number of aliases in CARP I'll quickly run= out of vhids which I understand to go up to 256. What is the real meaning = of vhid in a CARP definition? Can they be shared by different IP addresses = on the load balancer pair? That is, can they all be labelled "vhid=3D1" or = is CARP limited to 256 IP addresses, each of which has to be a /32 (see abo= ve). > > All the examples in the FreeBSD manual use a different vhid for each IP a= ddress but doesn't explain why. > > a. If two addresses (aliases) share the same vhid, will that mean they fa= il over together always? (That might be a good thing for me). > b. Will it reduce "are you alive?" network traffic between the CARP clust= er to have one vhid? > c. Will bad things happen if I share vhids? > > > Thanks > Ari > > > -- > --------------------------> > Aristedes Maniatis > ish > http://www.ish.com.au > Level 1, 30 Wilson Street Newtown 2042 Australia > phone +61 2 9550 5001 fax +61 2 9550 4001 > GPG fingerprint CBFB 84B4 738D 4E87 5E5C 5EFA EF6A 7D2E 3E49 102A > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"