Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Feb 2007 09:49:19 -0200
From:      "Gilberto Villani Brito" <linux@giboia.org>
To:        "FreeBSD (PF)" <freebsd-pf@freebsd.org>
Subject:   Re: Trying to setup DSR load balancing with pf route-to
Message-ID:  <6e6841490702130349n54860aacm185792e37127e762@mail.gmail.com>
In-Reply-To: <1240af8c0702121150k52fad621q9e5899f99cf2b8e6@mail.gmail.com>
References:  <1240af8c0702121150k52fad621q9e5899f99cf2b8e6@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Try to use round-robin like that:
pass in on fxp0 route-to { web1, web2, webn } round-robin from any to
x.100 keep state

-- 
Gilberto Villani Brito
System Administrator
Londrina - PR
Brazil
gilbertovb(a)gmail.com



On 12/02/07, Chip Marshall <chip@2bithacker.net> wrote:
> I've been trying to get a Direct Server Return (DSR) load balancing
> arrangment set up using FreeBSD 6.2's pf and the route-to option.
>
> The arrangement looks something like this
>
>            Router
>              |
>    /---------+-------\
>    |                 |
>    |  +--------+     |     +--------+
>    +-0| lb 1   |1----+----0| web 1  |lo0--(x.100)
>    |  +--------+     |     +--------+
>    |                 |
>    |  +--------+     |     +--------+
>    \-0| lb 2   |1----+----0| web 2  |lo0--(x.100)
>       +--------+     |     +--------+
>                      |
>                      |     +--------+
>                      +----0| web n  |lo0--(x.100)
>                            +--------+
>
> Where x.100 is the routable IP address of the website. The Router has a
> route to x.100 via interface 0 of the load balancers, which use pf's route-to
> option to redirect the packets to one of the web servers, keeping state
> so further packets for the same connection go to the same web server.
>
> The web servers then sent the returning packets directly to the router.
>
> The problem I'm having is that the load balancers aren't actually
> passing packets. I have the following in their pf.conf:
>
> pass in on fxp0 route-to { web1, web2, webn } from any to x.100 keep state
>
> and that's it.
>
> Using tcpdump, I see packets coming into the load balancers, and I see
> state rules being setup according to that rule, but I never see
> packets leaving the load balancers, and definitely never see them
> hitting the web farm.
>
> Any ideas for what I'm doing wrong here?
>
> --
> Chip Marshall <chip@2bithacker.net>
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org"
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6e6841490702130349n54860aacm185792e37127e762>