Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 21 Sep 2011 13:34:45 -0400 (EDT)
From:      Mike Andrews <mandrews@bit0.com>
To:        Pete French <petefrench@ingresso.co.uk>
Cc:        freebsd-stable@freebsd.org, dmagda@ee.ryerson.ca
Subject:   Re: Usling vlan(4) without an actual lan behind it
Message-ID:  <alpine.BSF.2.00.1109211330180.37863@beast.int.bit0.com>
In-Reply-To: <E1R5dDg-0006PI-Ai@dilbert.ingresso.co.uk>
References:  <E1R5dDg-0006PI-Ai@dilbert.ingresso.co.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Sep 2011, Pete French wrote:

>> Does it specifically have to be a vlan(4), or can you perhaps add another
>> address to lo(4), or perhaps create a "lo1" in addition to the "lo0"?
>
> It can be anything really - I was looking for a "generic" interface
> I can configure with IP addresses. But adding real addresses to
> loopback interfaces can cause problems can it not ?
>
> The issue I am trying to address is that I have a whole bunch of IPv6
> addresse on a /64, which are oly used as endpoints for a set of
> websites - they don't exist on a real ethernet anywhere, and don't
> need to. I just want them on an interface on a machine wwhen I can run
> up a load balancer to listeon on those addresses and forward them to
> the approrpiate actual machines serving the requests.

Sounds like DSR-type load balancing (or in Linux LVS land, "DR" mode), 
where the load balancer just rewrites the target MAC address in the header 
instead of doing full-blown NAT or proxying.  Putting the IP's on lo0 is 
the way to go here.  We've been doing that for many, many years (well, 
months for v6, years for v4) and it works great.  With the IP's on lo0, 
the load balancers are the only thing that can ARP (or NDP) for those 
addresses... which is what you'd want.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1109211330180.37863>