From owner-freebsd-net  Mon Jan 27 17:17:44 2003
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id C505537B401; Mon, 27 Jan 2003 17:17:43 -0800 (PST)
Received: from great4.greatschools.net (great4.greatschools.net [199.4.104.154])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 61B7A43F3F; Mon, 27 Jan 2003 17:17:43 -0800 (PST)
	(envelope-from jdd@greatschools.net)
Received: from great4.greatschools.net (localhost [127.0.0.1])
	by great4.greatschools.net (8.12.6/8.12.6) with ESMTP id h0S1Hhuc007224;
	Mon, 27 Jan 2003 17:17:43 -0800 (PST)
	(envelope-from jdd@greatschools.net)
Received: from localhost (jdd@localhost)
	by great4.greatschools.net (8.12.6/8.12.6/Submit) with ESMTP id h0S1HgvE007221;
	Mon, 27 Jan 2003 17:17:42 -0800 (PST)
X-Authentication-Warning: great4.greatschools.net: jdd owned process doing -bs
Date: Mon, 27 Jan 2003 17:17:37 -0800 (PST)
From: John David Duncan <jdd@greatschools.net>
To: freebsd-current@freebsd.org, freebsd-net@freebsd.org
Subject: Direct Server Return and FreeBSD 5
Message-ID: <Pine.BSF.4.52.0301271651080.6700@great4.greatschools.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


There's a load balancing configuration known as direct server return
(DSR), in which packets pass from the client through the load balancer to
the server, but then the replies from the server go directly to the client
(bypassing the load balancer).  The way this works is that the load
balancer sends the server an IP packet with the virtual IP address as its
destination addr, inside an ethernet frame whose destination is the real
MAC addr of the server. The server replies with a normal packet using the
VIP as the source addr.

The usual way to configure a BSD box to work this way is to bring up the
VIP as an alias on the loopback address, like this:
   ifconfig lo0 add 1.2.3.4 netmask 0xffffff00

As far as I can tell from my testing, this trick just doesn't work on my
box running -CURRENT.  In tcpdump I see packets coming in but none
going out.

Does anybody know why, or what I would have to do to change the behavior?

- JD


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message