Date:      Wed, 14 Jan 2004 12:50:09 -0600
From:      Tillman Hodgson <tillman@seekingfire.com>
To:        FreeBSD-Questions <freebsd-questions@freebsd.org>
Subject:   Re: Loading balancing with more than one ISP.
Message-ID:  <20040114185008.GX415@seekingfire.com>
In-Reply-To: <200401141827.30569.ajacoutot@lphp.org>
References:  <20040114134255.GA59317@kumprang.or.id> <009201c3daad$31d89220$1100a8c0@dtg17> <20040114163043.GL415@seekingfire.com> <200401141827.30569.ajacoutot@lphp.org>

On Wed, Jan 14, 2004 at 06:27:30PM +0100, Antoine Jacoutot wrote:
> On Wednesday 14 January 2004 17:30, Tillman Hodgson wrote:
> > I'm a heavy Zebra (migrating to Quagga) user. Using dynamic routing is
> > very handy, but it won't solve the problem of balancing load across two
> > connections.
> 
> Thanks for the feedback :)
> 
> > So you can't round-robin between two default gateways. You /can/,
> > however, send traffic for different destinations out of different links.
> > For example, I send my nightly CVSup traffic and other automated
> > downloads out of a regular ADSL link in order to prevent swamping my
> > main link.
> 
> What I'm hoping to do is find a way to route all packets coming:
> - from DMZ to internet, using NET connection1
> - from LAN to internet, using NET connection2
> 
> To be more understandable, something like this:
> route add from DMZ default em0
> route add from LAN default em1
> --> I know it is not a real command line, it's just to make things clearer.

That's basically source-based routing, as opposed to the normal
destination-based routing.

Normal routing says "Based on the fact that you want to go to network X,
I'll send you to gateway Y".

Source-based routing says "Based on the IP address that you're coming from,
I'll send you to gateway Y".

On FreeBSD, source-based routing is done with the IPFW 'fwd' command (or
the IPFilter 'pass out quick on <int_2> to <int_1>' syntax) rather than
using the `route` command. I'm doing that myself (with IPFilter) and it
works well. It's confusing to set up initially because you have to take
into account the interaction between normal routing and firewall-based
source routing. If you're also NAT'ing and using dynamic IPs,
understanding how it all can be made to work is an enlightening
experience ;-)

> > If your upstream providers support dynamic routing protocols, then you
> > can get that destination information automatically. But that's not the
> > same as load balancing, it's best-path selection.
> 
> And if it doesn't ?

Then you have to figure out and enter the best paths yourself as static
routes. Pain in the butt and likely to drift from reality over time. For
example, if my CVSup server of choice were to change its IP address
(which I have no control over and am not likely to be notified about),
then my static route won't apply and my CVSup traffic, which I've so
carefully ensured won't affect my main link, will start going over my
main link.

-T


-- 
The tao that can be told
 is not the eternal Tao.
The name that can be named
 is not the eternal Name.
	- Tao Te Ching
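
The DMZ/LAN split discussed in the message, sketched with IPFW 'fwd' rules as an added example; it is not part of the original e-mail or anyone's actual configuration. All subnets and gateway addresses are constructed placeholders, and the sketch assumes no NAT and a kernel built with `options IPFIREWALL_FORWARD`.

```shell
#!/bin/sh
# Added example: source-based routing with ipfw 'fwd' for a DMZ/LAN split.
# Every address below is a constructed placeholder (RFC 1918 / RFC 5737),
# not a value from the thread.
# Assumption: kernel built with "options IPFIREWALL_FORWARD", which FreeBSD
# releases of that era required before 'fwd' rules would take effect.
# Assumption: no NAT; with NAT the source seen by these rules changes.
# Dry run by default: rules are printed. Set IPFW=/sbin/ipfw to load them.

INTERNAL="192.168.0.0/16"   # assumed supernet covering router, DMZ and LAN
DMZ_NET="192.168.10.0/24"   # assumed DMZ subnet
LAN_NET="192.168.20.0/24"   # assumed LAN subnet
GW1="203.0.113.1"           # assumed next hop on ISP link 1
GW2="198.51.100.1"          # assumed next hop on ISP link 2

rule() {
    # Without IPFW set this expands to: echo ipfw add <rule>
    ${IPFW:-echo ipfw} add "$@"
}

policy_routes() {
    # 'fwd' ends the rule search for a matching packet, so any deny rules
    # that must apply to outbound traffic need lower rule numbers than these.
    #
    # "to not $INTERNAL" leaves DMZ<->LAN and to-the-router traffic on the
    # normal destination-based routing table; without it, that traffic
    # would also be pushed to an ISP gateway.
    rule 1100 fwd "$GW1" ip from "$DMZ_NET" to not "$INTERNAL"
    rule 1110 fwd "$GW2" ip from "$LAN_NET" to not "$INTERNAL"
}

policy_routes
```

Traffic from any other source matches neither rule and keeps following the routing table's default route, which is the interaction between normal routing and firewall-based routing the message mentions.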


