Re: [LARTC] Load Balance Outbound AND Inbound Internet Traffic to

[Andy Furniss <andy.furniss@dsl.pipex.com>]

Joe Nuts wrote:
> Thanks again for the response, Andy.
> I've done a tremendous amount of research, and set-up to test the
> multi-link ppp, and I still have not been successful in my search.
> The problem i've found out from working with ppp, and pppoe, is that I
> can only create a ppp connection between two devices on the same
> broadcast network. I.E. two devices connected by some kind of bridged
> ethernet.
> This wouldnt be an option for me, because the DSL connections to the
> client make it to the ISP over an ATM line, directly to a router. The
> router plugs in to a layer-2 switch, which then our server plugs in
> to.
> I would need to create maybe a GRE tunnel from the client to the
> server, so that the pppoe client requests would make it to the server,
> to then create the ppp connection.
> 
> And that's just to get the one connection going, i'd like to be able
> to multilink multiple connections.
> 
> If there were some way to multilink gre (or IPIP) tunnels, to get
> combined bandwith on single connections, that would be ideal. But I
> have not found any solutions along those lines.
> My next attempts will be multilink pppoe tunnels over gre tunnels, and
> I'm also researching what BSD has to offer in that arena.
> 
> Any suggestions are welcome.

I don't know whether you can link tunnels or not.

Another way you could look into is doing it at IP level using the 
netfilter patch Nth. You could just round robin packets over the links - 
not as nice as multilink as packet size isn't accounted for, but may be 
OK in practise.

Below is the help for it - You may not need to do the NAT but AIUI you 
could use it to mark and then route using the marks.

Andy.

Author: Fabrice MARIE <fabrice@netfilter.org>
Status: Works For Me.

This option adds CONFIG_IP_NF_MATCH_NTH, which supplies a match
module that will allow you to match every Nth packet encountered.
By default there are 16 different counters that can be used.

This match functions in one of two ways
1) Match ever Nth packet, and only the Nth packet.
    example:
     iptables -t mangle -A PREROUTING -m nth --every 10 -j DROP
    This rule will drop every 10th packet.
2) Unique rule for every packet.  This is an easy and quick
    method to produce load-balancing for both inbound and outbound.
    example:
     iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 \
              --every 3 --packet 0 -j SNAT --to-source 10.0.0.5
     iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 \
              --every 3 --packet 1 -j SNAT --to-source 10.0.0.6
     iptables -t nat -A POSTROUTING -o eth0 -m nth --counter 7 \
              --every 3 --packet 2 -j SNAT --to-source 10.0.0.7
    This example evenly splits connections between the three SNAT
    addresses.

    By using the mangle table and iproute2, you can setup complex
    load-balanced routing.  There's lot of other uses.  Be creative!

Suppported options are:
    --every     Nth         Match every Nth packet
   [--counter]  num         Use counter 0-15 (default:0)
   [--start]    num         Initialize the counter at the number 'num'
                            instead of 0. Must be between 0 and Nth-1
   [--packet]   num         Match on 'num' packet. Must be between 0
                            and Nth-1.
                            If --packet is used for a counter than
                            there must be Nth number of --packet
                            rules, covering all values between 0 and
                            Nth-1 inclusively.




_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/