| 1 |
Kurt Lieber wrote: |
| 2 |
|
| 3 |
>Any network load balancing solutions out there that might help? I've |
| 4 |
>already checked: |
| 5 |
> |
| 6 |
>http://lartc.org/howto/lartc.rpdb.multiple-links.html |
| 7 |
> |
| 8 |
> |
| 9 |
> |
| 10 |
Somebody posted the same problem in focus-linux list |
| 11 |
over at securityfocus.com |
| 12 |
|
| 13 |
http://securityfocus.com/archive/91/2004-04-16/2004-05-11/1 |
| 14 |
|
| 15 |
to qoute one of the more informative reply: |
| 16 |
|
| 17 |
<qoute> |
| 18 |
James Couzens wrote: |
| 19 |
|
| 20 |
>>Le sam 17/04/2004 à 06:46, Ravi a écrit : |
| 21 |
>> |
| 22 |
>> |
| 23 |
>>> -vrrpd if using two gateways |
| 24 |
>>> |
| 25 |
>>> |
| 26 |
>>VRRP is a failover protocol. I don't see how you can achieve load |
| 27 |
>>balancing with. |
| 28 |
>> |
| 29 |
>> |
| 30 |
> |
| 31 |
>What you fellows seek is the Linux Virtual Server ("LVS") project which |
| 32 |
>is currently available in both 2.4 and 2.6 linux kernels. LVS turns |
| 33 |
>your router into a Layer-3, Layer-4, and Layer-5/7 switch. Setup is |
| 34 |
>simplistic and the load balancing functionality is second to none. LVS |
| 35 |
>can also be implemented in three different ways, DIRECTOR, NAT, and |
| 36 |
>TUNNEL. |
| 37 |
> |
| 38 |
>Should you wish to high availability I would recommend the keepalived |
| 39 |
>project which offers VRRP support through its independent VRRPv2 stack |
| 40 |
>for failover detection and execution, and handles individual service |
| 41 |
>checks with the ability to pull individual services or fail over the |
| 42 |
>entire server. There is also a keepalived fork which offers "threaded |
| 43 |
>plugin" support which adds even more functionality. |
| 44 |
> |
| 45 |
>In short keepalived is userspace daemon for LVS cluster nodes |
| 46 |
>healthchecks and LVS directors failover. |
| 47 |
> |
| 48 |
>Linux Virtual Server Project: |
| 49 |
>http://www.linuxvirtualserver.org/ |
| 50 |
> |
| 51 |
>HealthChecking for LVS & High Availability through keepalived: |
| 52 |
>http://keepalived.sourceforge.net/ |
| 53 |
> |
| 54 |
>keepalived w/ Threaded-Health-Check support: |
| 55 |
>http://homes.tiscover.com/jrief/keepalived/ |
| 56 |
> |
| 57 |
> |
| 58 |
>Linux Kernel routing patch: http://www.ssi.bg/~ja/routes-2.6.4-10.diff |
| 59 |
> |
| 60 |
>- Static Routes (remain during failure) |
| 61 |
>- Alternative Routes (multipath) |
| 62 |
>- Dead Gateway Detection (removes multi-path routes during failure) |
| 63 |
>- NAT (correct routing during use of multi-paths) |
| 64 |
> |
| 65 |
>Multi-path howto: |
| 66 |
>http://www.ssi.bg/~ja/nano.txt |
| 67 |
> |
| 68 |
>Dead Gateway Detection explained: |
| 69 |
>http://www.ssi.bg/~ja/dgd-usage.txt |
| 70 |
> |
| 71 |
>Dead Gateway Detection status: |
| 72 |
>http://www.ssi.bg/~ja/dgd.txt |
| 73 |
> |
| 74 |
>Julian Anastasov is my hero, grab myriads of other excellent patches |
| 75 |
>from his website here, in addition to DGD patches for kernels other than |
| 76 |
>2.6.x: http://www.ssi.bg/~ja/ |
| 77 |
> |
| 78 |
>Having spent a recent weekend with the OpenBSD team at their pf |
| 79 |
>Hackathon, I was given an exceptional look into pf's current and future |
| 80 |
>status. That being said, you can do load balancing through pf in |
| 81 |
>addition to making use of the Common Address Redundancy Protocol |
| 82 |
>("CARP") which is a protocol not myred in the patent problems which have |
| 83 |
>plauged VRRP. CARP has been developed by members of the OpenBSD team. |
| 84 |
>You can find this all in the just recently released v3.5 (I managed to |
| 85 |
>obtain a pre copy at CansecWest/Core04 <3) of OpenBSD available for |
| 86 |
>download or purchase from their website. |
| 87 |
> |
| 88 |
>Firewall Failover with pfsync and CARP: |
| 89 |
>http://www.countersiege.com/doc/pfsync-carp/ |
| 90 |
> |
| 91 |
>CARP port to FreeBSD 5.x: |
| 92 |
>http://pf4freebsd.love2party.net/carp.html |
| 93 |
> |
| 94 |
>Although the OpenBSD functionality is not near as mature, or feature |
| 95 |
>rich, its well on its way to delivering much needed networking |
| 96 |
>functionality to the BSD community. I'm currently in the middle of |
| 97 |
>stress testing this code myself, but to date it delivers the goods, and |
| 98 |
>I look forward to future enhancements and userland utilities to assist |
| 99 |
>in management. |
| 100 |
> |
| 101 |
>Cheers, |
| 102 |
> |
| 103 |
>James |
| 104 |
> |
| 105 |
> |
| 106 |
> |
| 107 |
|
| 108 |
</qoute> |
| 109 |
|
| 110 |
|
| 111 |
Joey |
Archives