From: Oliver Fromme
To: freebsd-cluster@FreeBSD.ORG, wenewboy@gmail.com
Date: Wed, 15 Jul 2009 09:31:53 +0200 (CEST)
Subject: Re: lvs on freebsd setup problem,

wenew zhang wrote:
> i tring haproxy,in below situation,LB forward http header to A,B,C,C,
> but how about the Web Server response
> the client's,
> the response data still through then LB1?that the point,
> LB1 only have 10M bandwidth as Web Servers,
> in my situation,clients need download big-flash file about 5M,
> i need web server response the client directly,
> sorry to say it again,
> i need confidence!
>
>
>   192.168.1.1   192.168.1.11-192.168.1.14  192.168.1.2
> -------+-----------+-----+-----+-----+--------+----
>        |           |     |     |     |       _|_db
>     +--+--+      +-+-+ +-+-+ +-+-+ +-+-+    (___)
>     | LB1 |      | A | | B | | C | | D |    (___)
>     +-----+      +---+ +---+ +---+ +---+    (___)
>     haproxy        4 cheap web servers

Just a question: Did you consider DNS-based round-robin?
It's a very simple solution if you just need LB (not HA),
and the traffic doesn't have to go through a single proxy
so there is no bottle-neck problem. The downside is, of
course, that you need multiple external IP addresses.

If you have only one IP address, a "poor man's round-robin"
solution would be to balance the traffic by port numbers:
The internal web servers are assigned port numbers from
81 to 84. On port 80 there is only a simple script that
returns redirects to ports 81 to 84 in random order.
The downside is that the port number appears in the URL
line of the client browser, which is ugly. (Putting a
proper tag in the header of all of your HTML pages
mitigates the problem a little bit, though.)

A "clean" solution will involve some kind of transparent
proxy or gateway that handles the incoming packets and
forwards them to a random web server (but it must be the
same web server for all packets belonging to the same
TCP connection), then have the web server send the reply
directly to the client.

I think you might be able to do this with a bunch of IPFW
"fwd" rules. The LB machine will have "fwd" rules with
the "prob" tag to forward incoming packets to a random
web server. Using the "keep-state" tag will make sure
that packets belonging to the same TCP connection will
go to the same web server.
The web servers should send the reply packets directly
to your outgoing router. You have to be careful with NAT.
I haven't tried to do this myself, but it should be
possible to make it work.

All of the above can be done without third-party software.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Registergericht Muenchen, HRA 74606, Management:
secnetix Verwaltungsgesellsch. mbH, Commercial register: Registergericht
München, HRB 125758, Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more: http://www.secnetix.de/bsd

"The last good thing written in C was
Franz Schubert's Symphony number 9."
        -- Erwin Dieterich
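
Added example, not part of Oliver's message: a sketch of the IPFW approach described above, written as a shell function that prints the rules for review instead of loading them. The rule numbers, the use of "setup" and "to me", and the cascaded 1/remaining probabilities (needed for an even split because rules are evaluated in order) are assumptions of this example; the addresses come from the diagram in the quoted message.

```shell
#!/bin/sh
# Added example: prints (does not run) ipfw commands for the "fwd" + "prob" +
# "keep-state" scheme. Rule numbers are arbitrary (assumption).

# lb_rules BASE_RULE PORT SERVER...
lb_rules() {
    base=$1; port=$2; shift 2
    remaining=$#

    # Packets of an already-balanced connection match their dynamic rule
    # here and repeat the fwd action of the rule that created the state.
    echo "ipfw add $base check-state"

    n=$base
    for srv in "$@"; do
        n=$((n + 10))
        if [ "$remaining" -gt 1 ]; then
            # Rules are tried in order, so this rule only sees connections
            # the earlier rules skipped: 1/remaining gives an even split.
            p=$(awk -v r="$remaining" 'BEGIN { printf "%.4f", 1 / r }')
            echo "ipfw add $n prob $p fwd $srv tcp from any to me $port setup keep-state"
        else
            # The last server takes everything that is left; no "prob".
            echo "ipfw add $n fwd $srv tcp from any to me $port setup keep-state"
        fi
        remaining=$((remaining - 1))
    done
}

# Web server addresses A-D from the diagram in the quoted message.
lb_rules 1000 80 192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.14
```

ipfw's fwd only changes the next hop and leaves the destination address untouched, so each web server must be set up to accept packets addressed to the LB's IP.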