From owner-freebsd-net  Thu Apr  5 19:43:47 2001
Delivered-To: freebsd-net@freebsd.org
Received: from cody.jharris.com (cody.jharris.com [205.238.128.83])
	by hub.freebsd.org (Postfix) with ESMTP id A5C0937B505
	for <freebsd-net@FreeBSD.ORG>; Thu,  5 Apr 2001 19:43:43 -0700 (PDT)
	(envelope-from nick@rogness.net)
Received: from localhost (nick@localhost)
	by cody.jharris.com (8.11.1/8.9.3) with ESMTP id f363lUM14161;
	Thu, 5 Apr 2001 22:47:30 -0500 (CDT)
	(envelope-from nick@rogness.net)
Date: Thu, 5 Apr 2001 22:47:30 -0500 (CDT)
From: Nick Rogness <nick@rogness.net>
X-Sender: nick@cody.jharris.com
To: Benjamin Gavin <virtual_olympus@yahoo.com>
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: Multi-provider load balancing
In-Reply-To: <20010406000239.43749.qmail@web9602.mail.yahoo.com>
Message-ID: <Pine.BSF.4.21.0104052242530.13888-100000@cody.jharris.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 5 Apr 2001, Benjamin Gavin wrote:

> Hi all,
>   I've got a problem.  I have two providers (cable modem/DSL) and I need
> to load-balance the connection between them.  I don't want to do BGP, and
> would prefer something that is marginally easy to maintain.  I don't care
> about balancing based on load, simple round-robin style balancing would be
> fine.  Here's a "picture":
> 
> Internal Network (192.168.x.x)
>    |
>    v
> FreeBSD 4.2-RC firewall
>  |             |
>  V             V
> cable         DSL
> 
>   Each external side is currently DHCP, but could be static if necessary. 
> What I need is when a request goes out through the firewall for the
> machine to basically "choose a side".  Then once the connection is
> established it could stay on that pipe, or flip back and forth (whichever
> is easier).
> 
>   Here's what I've tried:
> 
> 1.  ipfw + 2xnatd, doesn't seem to work, since ipfw rules can't randomly
> choose on of two rules (AFAIK)

	Check out the probability stuff in ipfw.  There has been a battle
	over this for a while.  Many people say that you MUST run a
	routing daemon (ie BGP) to do this.  Don;t know about ipfilter.


Nick Rogness <nick@rogness.net>
 - Keep on Routing in a Free World...
 "FreeBSD: The Power to Serve!"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message