Date: Mon, 3 Apr 2006 11:48:59 +0300 From: Kostas Zorbadelos <kzorba@otenet.gr> To: Max Laier <max@love2party.net> Cc: freebsd-pf@freebsd.org Subject: Re: Address pools and load balancing issues Message-ID: <20060403084859.GE26450@enigma.otenet.gr> In-Reply-To: <200604021749.48171.max@love2party.net> References: <20060402082519.GA25134@enigma.otenet.gr> <200604021749.48171.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Apr 02, 2006 at 05:49:42PM +0200, Max Laier wrote: > On Sunday 02 April 2006 10:25, Kostas Zorbadelos wrote: > > Ideally, I > > would like to express all my pools as tables and have all the > > different algorithms for load balancing available. > > The problem is what does bitmask or source-hash mean for a table? > What do you > apply the bitmask to? I can understand that bitmask requires the use of a continuous network block. > What do you hash to? On the other hand, I see no reason not to hash, or choose randomly to/from a discrete set of addresses. > The other problem is the > internal organization of tables that is optimized for lookups and doesn't > work as a list or array which is required for hashing. I will try my best to give a look at the actual code. I believe you are telling me that the representation of tables is in a data structure of some sort (a tree or something?) that makes it difficult to hash or choose randomly. If this is the case, the situation could be fixed (with a certain cost of course). > A sollution would be > to have real address lists, but I doubt that will happen any time soon. > Do you mean have data structures internally that represent effectivelly address lists? > As for a workaround sollution for you. sticky-address works also without > states, provided you set a reasonable value for "set timeout source-track" as > described in pf.conf(5). Yes, I saw that, thanks very much for confirming, I believe this is the way to go. > Another option is to just make your webserver into > a continuous netbock via rdr/binat rules. You should be able to map them > into a private netbock and can then apply source-hash load-balanceing to > that. Of course there is overhead associated with that as well. It really > depends on your usecase which is the most workable sollution. > Although this could provide a solution, I believe it is a non elegant hack. Thanks for the suggestion though. > > Thanks in advance and congratulations to all the people involved in pf > > for the great work. > > -- > /"\ Best regards, | mlaier@freebsd.org > \ / Max Laier | ICQ #67774661 > X http://pf4freebsd.love2party.net/ | mlaier@EFnet > / \ ASCII Ribbon Campaign | Against HTML Mail and News Best regards, Kostas -- Kostas Zorbadelos m@il contact: kzorba (at) otenet.gr Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060403084859.GE26450>