Date: Mon, 10 Jan 2011 14:56:40 +0100 From: Thomas Steen Rasmussen <thomas@gibfest.dk> To: Francisco Reyes <lists@stringsutils.com>, freebsd-net@freebsd.org Subject: Re: Lagg questions Message-ID: <4D2B1018.4020500@gibfest.dk> In-Reply-To: <cone.1294665690.665557.3413.1000@shelca> References: <cone.1294602157.25706.3413.1000@shelca> <4D2ADCED.8060809@gibfest.dk> <cone.1294665690.665557.3413.1000@shelca>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10-01-2011 14:21, Francisco Reyes wrote: > Thomas Steen Rasmussen writes: > >> Using lagg to bundle two uplinks to two different providers will >> not work as you intend. You need to look into using pf or >> something similar to balance layer 3 traffic across two uplinks. >> I have had this running at home for years with pf, and it works >> great. > > Is this along the lines of what I need? > http://www.openbsd.org/faq/pf/pools.html > > Address pools can be used in combination with the route-to filter > option to load balance two or more Internet connections when a > proper multi-path routing protocol (like BGP4) is unavailable. By > using route-to with a round-robin address pool, outbound > connections can be evenly distributed among multiple outbound > paths Hello, Yes, my setup is based on "route-to" and reply-to, although my setup is less "automatic" since there is a considerable speed difference between my two uplinks (DSL and 50meg fiber). I manually pick the DSL uplink using SSH or a webinterface, if I need to do something from the DSL. If you go with fully automated load balancing across the two uplinks: Be aware that the lack of "proper multipath routing" will be a problem when accessing some sites/applications/systems - like websites with load balancing across different IP addresses. Example: - - Client 1 connects to service X, uplink A is chosen (for the full session due to the state). - - At some point service X redirects client 1 to another mirror, and uplink B is chosen. - - If service X for security reasons checks the client IP address, client 1 will receive an error saying something like "session ip mismatch" or whatever. I've been able to work around these problems when they popped up, not too often fortunately. The solutions are not pretty, though. Good luck with it, Thomas Steen Rasmussen ps. Additional pf questions may be more suitable to post on the freebsd-pf list :) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk0rEBgACgkQGjEBQafC9MBWZgCggM+82VQPg+ATDO+raTt7dwVa Qq0An3aL/TPfZV/v5ctsptKVypHHps4F =XVBc -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D2B1018.4020500>