From owner-freebsd-net@FreeBSD.ORG Tue Oct 26 20:27:26 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B28416A4CF for ; Tue, 26 Oct 2004 20:27:26 +0000 (GMT) Received: from ints.mail.pike.ru (ints.mail.pike.ru [195.9.45.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B30C43D48 for ; Tue, 26 Oct 2004 20:27:25 +0000 (GMT) (envelope-from babolo@cicuta.babolo.ru) Received: (qmail 72427 invoked from network); 26 Oct 2004 20:32:37 -0000 Received: from cicuta.babolo.ru (194.135.49.133) by ints.mail.pike.ru with SMTP; 26 Oct 2004 20:32:37 -0000 Received: (nullmailer pid 98696 invoked by uid 136); Tue, 26 Oct 2004 20:29:12 -0000 X-ELM-OSV: (Our standard violations) hdr-charset=KOI8-R; no-hdr-encoding=1 In-Reply-To: <417C85FA.5050708@elischer.org> To: Julian Elischer Date: Wed, 27 Oct 2004 00:29:12 +0400 (MSD) From: "."@babolo.ru X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Message-Id: <1098822552.745683.98695.nullmailer@cicuta.babolo.ru> cc: Stephane Raimbault cc: net@freebsd.org Subject: Re: using natd to load balance port 80 to multiple servers X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Oct 2004 20:27:26 -0000 [ Charset ISO-8859-1 unsupported, converting... ] > Stephane Raimbault wrote: > > Hi All, > > > > I'm currently using a freebsd box running natd to forward port 80 to > > several (5) web servers on private IP's. > > > > I have discovered that natd doesn't handle many requests/second all that > > well (seem to choke at about 200 req/second (educated guess)) > > > > use the "ipfw fwd" option to directly send the packets to the appropriate machine. > Should be able to forwarrd at wire speed. > > you will probably need ipfw fwd running on both sides of the forward.. > one on the switch machine to forward packets to one machine and one on > that machine to "capture" those packets to a local socket. Simplier. ifconfig lo1 inet IP with the same IP on every balansed computer, and then fwd balanserIP ip from any:mask to IP for each balanserIP, where IP is some address, routable by router, the same for each balansed computer. > > There are other packet filtering options on FreeBSD and I wonder if I > > can use them to do what I'm trying to do with natd. > > > > Would someone be able to point me to documentation or help me have > > either ipf/ipfw/pf forward port 80 traffic to private space IP's?