Date: Fri, 22 Jan 2010 12:42:54 -0800
From: Chuck Swiger <cswiger@mac.com>
To: Chris Peiffer <bsdlists@cabstand.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: ISO simple non-forking TCP connection forward/balance tool
Message-ID: <59B84842-615C-4152-9BD7-F982923EA9FE@mac.com>
In-Reply-To: <20100122200138.GA19469@cabstand.com>
References: <20100122200138.GA19469@cabstand.com>

Hi--

On Jan 22, 2010, at 12:01 PM, Chris Peiffer wrote:
> Or is there a good way to do it in the kernel that I'm missing, and
> can someone direct me to an ipnat ruleset that creates new
> connections, so the TCP forwarding machine doesn't also need to be a
> router?

I don't know about ipnat, but natd (or kernel-level IPFW NAT functionality in newer versions of FreeBSD) redirect_port will do exactly what you've asked for:

     -redirect_port proto targetIP:targetPORT[,targetIP:targetPORT[,...]]
                 [aliasIP:]aliasPORT [remoteIP[:remotePORT]]

     -redirect_address localIP[,localIP[,...]] publicIP
                 These forms of -redirect_port and -redirect_address are
                 used to transparently offload network load on a single
                 server and distribute the load across a pool of servers.
                 This function is known as LSNAT (RFC 2391).  For example,
                 the argument

                       tcp www1:http,www2:http,www3:http www:http

                 means that incoming HTTP requests for host www will be
                 transparently redirected to one of the www1, www2 or
                 www3, where a host is selected simply on a round-robin
                 basis, without regard to load on the net.

(Userland natd doesn't need to fork for individual connections.)

Regards,
--
-Chuck
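
Added example, not part of Chuck Swiger's message: the quoted redirect_port form written out as a natd setup with three pool members. The addresses (documentation ranges), the interface name em0 and the file path /etc/natd.conf are assumptions, as is a network layout in which the pool hosts send their replies back through this machine.

```conf
# --- /etc/rc.conf (sh-style variable assignments) ---
gateway_enable="YES"        # rewritten packets must be forwarded on to the pool
firewall_enable="YES"       # ipfw hands packets to natd through a divert rule
natd_enable="YES"
natd_interface="em0"        # assumed name of the interface clients arrive on
natd_flags="-f /etc/natd.conf"

# --- /etc/natd.conf (long option names, one per line, no leading dash) ---
# New TCP connections to 198.51.100.10:80 go to the three pool members in
# turn (round-robin, without regard to load, as the man page text says).
# All addresses here are constructed sample values.
redirect_port tcp 192.0.2.11:80,192.0.2.12:80,192.0.2.13:80 198.51.100.10:80

# --- ipfw ruleset entry that feeds traffic on em0 to natd ---
# ipfw add 50 divert natd ip4 from any to any via em0

# --- in-kernel alternative (ipfw nat), same redirect_port argument form ---
# ipfw nat 1 config if em0 redirect_port tcp 192.0.2.11:80,192.0.2.12:80,192.0.2.13:80 198.51.100.10:80
# ipfw add 50 nat 1 ip4 from any to any via em0
```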