From owner-freebsd-stable@freebsd.org Mon Jan 14 16:15:19 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 16A7614A4829 for ; Mon, 14 Jan 2019 16:15:19 +0000 (UTC) (envelope-from petefrench@ingresso.co.uk) Received: from constantine.ingresso.co.uk (unknown [IPv6:2a02:b90:3002:411::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CA8768FFDC for ; Mon, 14 Jan 2019 16:15:17 +0000 (UTC) (envelope-from petefrench@ingresso.co.uk) Received: from [2a02:b90:3002:411::6] (helo=dilbert.ingresso.co.uk) by constantine.ingresso.co.uk with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91 (FreeBSD)) (envelope-from ) id 1gj4tQ-0002sV-2R for freebsd-stable@freebsd.org; Mon, 14 Jan 2019 16:15:16 +0000 Received: from petefrench by dilbert.ingresso.co.uk with local (Exim 4.91 (FreeBSD)) (envelope-from ) id 1gj4tQ-000MGi-0H for freebsd-stable@freebsd.org; Mon, 14 Jan 2019 16:15:16 +0000 To: freebsd-stable@freebsd.org Subject: Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore Message-Id: From: Pete French Date: Mon, 14 Jan 2019 16:15:16 +0000 X-Rspamd-Queue-Id: CA8768FFDC X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dmarc=pass (policy=none) header.from=ingresso.co.uk; spf=pass (mx1.freebsd.org: domain of petefrench@ingresso.co.uk designates 2a02:b90:3002:411::3 as permitted sender) smtp.mailfrom=petefrench@ingresso.co.uk X-Spamd-Result: default: False [2.25 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RDNS_NONE(1.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a02:b90:3002:411::3]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-0.37)[-0.367,0]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; RCVD_TLS_LAST(0.00)[]; NEURAL_SPAM_SHORT(0.27)[0.268,0]; MX_GOOD(-0.01)[ingresso-co-uk.mail.protection.outlook.com,ingresso-co-uk.mail.protection.outlook.com]; DMARC_POLICY_ALLOW(-0.50)[ingresso.co.uk,none]; NEURAL_HAM_MEDIUM(-0.32)[-0.321,0]; IP_SCORE(-0.02)[country: GB(-0.09)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:16082, ipnet:2a02:b90::/32, country:GB]; HFILTER_HOSTNAME_UNKNOWN(2.50)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jan 2019 16:15:19 -0000 So, until the middle of this afternoon I was, doing my load balancing using relayd from ports and PF. My own fault for not checking, but I upgraded one of the firewall pair to 12 and then discovered that the relayd port is no longer available. Am now puzzling over solutions to this - I dont really want to stay on 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of an uncomfortable idea as we gain a lot from having one OS everywhere that people know, so does anyone have any suggestions ? PF round robin is not good enough for this as I have some dynamic problems which indicate when a node is up or down. Relayd will check these, but the basic PF wil not as far as I know. What do other people do ? cheers -pete.