On 2012/05/17 13:20, Indunil Jayasooriya wrote:
>
>
>     Route lookups are based on the *destination* address not the source
>     address, you could add a route for a certain destination via a
>     certain interface to send packets out that way.
>
>
> Hmm. That sounds good to me, since I have 2 interfaces for 2 different
> WAN connections.  It is possible to add a route to a certain destination
> IP address in the /etc/hostname.em0 and /etc/hostname.em1 files and make
> it permanent in this way.
>
>
> /etc/hostname.em0
>
> inet 192.168.10.6 255.255.255.0
> !route add -host 173.194.38.184 192.168.10.5
> !route add -mpath default 192.168.10.5
>
>
> /etc/hostname.em1
>
> inet 192.168.20.6 255.255.255.0
> !route add -host 173.194.38.191 192.168.20.5
> !route add -mpath default  192.168.20.5
>
>
> Then, a shell script in crontab can ping those destination IP
> addresses and see if they are UP or DOWN. (ifstated can also do it,
> but I will have to understand its behaviour.)
>
>
> When both are Up, nothing is DONE, and when one fails, remove that
> -mpath default route.
>
> In this manner, When one link goes down, all traffic will go via the
> available link.
>
> That is what I am looking for. I think I am right.
>
> I am right ain't I?

Yes I think this is what you're looking for.


> Then, I will have to discuss this below rule as well.
>
>
> pass in on $int_if from $lan_net \
>     route-to { ($ext_if1 $ext_gw1), ($ext_if2 $ext_gw2) } \
>     round-robin
>
>
> When one link goes DOWN, will all the traffic go via the available link?
>
> Does the above rule do this duty?

No, your script or ifstated config will need to adjust this rule,
you can do this by using a macro to write the rule, something like this:

GATEWAYS="1.1.1.1@em0 2.2.2.2@em1"
pass in on $int_if from $lan_net route-to { $GATEWAYS }

This helps because you can override the macro on the pfctl command line,
so you can use something like this to reload the ruleset with your choice
of gateway:

pfctl -D GATEWAYS="1.1.1.1@em0" -f /etc/pf.conf
pfctl -D GATEWAYS="2.2.2.2@em1" -f /etc/pf.conf
pfctl -D GATEWAYS="1.1.1.1@em0 2.2.2.2@em1" -f /etc/pf.conf

While you're testing, use "pfctl -v ..." if you would like to check
how the parsed rules look.

>
> I think I am getting closer to achieving the goal.
>
> Hi Stuart Henderson, many thanks for your effort, which has helped me
> go ahead.
>
>
> Hope to hear from ALL.
>
> --
> Thank you
> Indunil Jayasooriya

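The cron-driven check discussed in this thread, as an added example that is not part of either poster's message: it probes the two host-routed addresses posted above, builds the GATEWAYS macro from the links that answer, and reloads pf only when that list changes. It assumes /etc/pf.conf defines GATEWAYS as in the reply; the state file path and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): rebuild the GATEWAYS macro from probe
# results and reload pf only when the set of live gateways changes.
# Gateway and probe addresses are the ones posted above; STATE is an assumption.

# One link per line: "gateway@interface probe-address"
LINKS="192.168.10.5@em0 173.194.38.184
192.168.20.5@em1 173.194.38.191"
STATE=${STATE:-/var/run/pf_gateways}   # assumed path, remembers the last applied list
PROBE=${PROBE:-probe}                  # overridable so the logic can be tested offline

# Succeeds if the probe address answers; each address is host-routed via one link.
probe() {
    ping -c 2 -w 2 "$1" >/dev/null 2>&1 </dev/null
}

# Print the space-separated gateways whose probe address is reachable.
select_gateways() {
    live=""
    while read -r gw addr; do
        [ -n "$gw" ] || continue
        if "$PROBE" "$addr"; then
            live="${live:+$live }$gw"
        fi
    done <<EOF
$LINKS
EOF
    printf '%s\n' "$live"
}

# Print "reload" only for a non-empty list that differs from the applied one.
# An empty list means every probe failed: keep the running ruleset as it is.
decide() {   # $1 = new list, $2 = previously applied list
    if [ -z "$1" ] || [ "$1" = "$2" ]; then echo keep; else echo reload; fi
}

main() {
    new=$(select_gateways)
    old=$(cat "$STATE" 2>/dev/null || true)
    [ "$(decide "$new" "$old")" = reload ] || return 0
    # Parse-check with -n first so a bad macro never replaces the running ruleset.
    pfctl -n -D GATEWAYS="$new" -f /etc/pf.conf || return 1
    pfctl -D GATEWAYS="$new" -f /etc/pf.conf && printf '%s\n' "$new" > "$STATE"
}

if [ "${1:-}" = "run" ]; then main; fi
```

Run it from cron as root with the argument `run`; without that argument it only defines the functions.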