From mboxrd@z Thu Jan 1 00:00:00 1970
From: Alex Samad
Date: Tue, 05 Jun 2007 21:09:02 +0000
Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
Message-Id: <20070605210902.GF31415@samad.com.au>
References: <4647FA30.5040401@rabbit.us>
In-Reply-To: <4647FA30.5040401@rabbit.us>
To: lartc@vger.kernel.org

On Tue, Jun 05, 2007 at 02:48:01PM +0800, Salim S I wrote:
>
> -----Original Message-----
> From: Luciano Ruete [mailto:luciano@lugmen.org.ar]
> Sent: Saturday, June 02, 2007 11:28 AM
> To: Salim S I
> Cc: lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] Multihome load balancing - kernel vs netfilter
>
> >It is not about ego, sorry if you take this personally, it is not my
> >intention. I speak rudely because this list gets heavily indexed by
> >Google, and it is taken as good advice by many answer seekers.
> >
> >You affirm that Linux cannot handle load balancing properly and this is
> >completely WRONG and is bad advertising and a lie.
> >
> >Since the 2.4 series Julian's great patches[1] have been available, and
> >then in 2.6.12 CONNMARK got into mainline, and with a little setup all
> >connection problems related to load balancing get perfectly solved.
>
> I did not say Linux can't do load balancing (btw, my setup has Julian's
> DGD patch as well as CONNMARK). But there are some limitations to the
> popular methods currently used.
>
> 1. As Peter Rabbitson [rabbit@rabbit.us] mentioned, one issue is the
> separate control and data servers. He mentions AIM servers as an example.
> This probably can only be solved by having an exception IP list.
>
> 2. The other situation, and the one I am more concerned with, is about
> different connections which belong to the same session.
>
> Consider Client X and Server Y.
>
> Client X initiates a connection from port a to port b of server Y.
>
> Xa <---> Yb  This connection goes through WAN1.
>
> After some time, X opens another connection to Y from port c to port d.
>
> Xc <---> Yd  This is a perfectly new TCP connection, so it may go
> through WAN2.
>
> (Note that the client is NATed, and that no CONNTRACK exists for this
> app.)
>
> The server may reject the second and subsequent connections as they come
> in with a different source IP than the first.
>
> This situation happens often in IM and gaming scenarios. Some sort of IP
> persistence is required to handle this. And I was wondering if recent
> match would solve this to an extent, without affecting performance. Or
> if there is some other method available. (Note that I can't depend much
> on cache.)

Are all of these idioms of each method documented in the wiki? So what is the
preferred method going forward?

> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
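
A small model of the Xa/Xc scenario from the quoted message, added here as an illustration and not part of the original thread: it compares per-connection balancing with a persistence table keyed on the (client, server) pair. The class names, the documentation-range NAT addresses and the 600-second idle timeout are assumptions, and the table stands in for whatever kernel mechanism (CONNMARK, recent match) holds the state.

```python
import itertools

# Constructed NAT source addresses for the two uplinks (documentation ranges).
WAN_SRC = {"WAN1": "198.51.100.10", "WAN2": "203.0.113.20"}

class Balancer:
    """Picks an uplink for each NEW connection from a NATed client."""
    def __init__(self, sticky, ttl=600):
        self.sticky, self.ttl = sticky, ttl
        self._rr = itertools.cycle(WAN_SRC)   # per-connection round robin
        self._table = {}                      # (client, server) -> (wan, last_seen)

    def route(self, client, server, now):
        key = (client, server)
        entry = self._table.get(key) if self.sticky else None
        if entry and now - entry[1] <= self.ttl:
            wan = entry[0]                    # reuse the uplink of the earlier connection
        else:
            wan = next(self._rr)              # new or expired pair: balance normally
        if self.sticky:
            self._table[key] = (wan, now)     # refresh the idle timer
        return wan

class Server:
    """Server Y: binds a session to the source IP of its first connection."""
    def __init__(self):
        self.session_ip = {}

    def accept(self, user, src_ip):
        return self.session_ip.setdefault(user, src_ip) == src_ip

def run(sticky):
    """Open Xa<->Yb at t=0 and Xc<->Yd at t=30; return (uplink, accepted) pairs."""
    lb, y = Balancer(sticky), Server()
    verdicts = []
    for t in (0, 30):
        wan = lb.route("192.168.1.5", "Y", now=t)
        verdicts.append((wan, y.accept("X", WAN_SRC[wan])))
    return verdicts

if __name__ == "__main__":
    print("per-connection:", run(sticky=False))
    print("persistent:    ", run(sticky=True))
```

The persistence entry expires after the idle timeout, so a pair that has been quiet for longer than that is balanced again like a new client.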