All of lore.kernel.org
 help / color / mirror / Atom feed
From: Vincent Jaussaud <tatooin@kelkoo.com>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] many ways to do load balancing (or not?)
Date: Mon, 25 Nov 2002 13:20:58 +0000	[thread overview]
Message-ID: <marc-lartc-103823051501994@msgid-missing> (raw)
In-Reply-To: <marc-lartc-103788125614081@msgid-missing>

On Fri, 2002-11-22 at 19:47, William L. Thomson Jr. wrote:

> Actually if you create the proper rules, there are gateways defined in a
> table prior to the multipath. So if the route is know via cache, it will
> take a known gateway.
> 
Yes.

> Otherwise if it is not, it will be compared to each table, and then
> finally hit the multipath equalize one and go from there.
> 
> > But in such situation, the sraddr in the replies packets are likely to
> > be set to the one on which the original request came on.
> 
> Which will use the rules if defined. They should be there.
Yes.

> Haven't really seen and problems there. So far from my experience my DNS
> queries use both TCP and UDP. I have not seen and problems effecting UDP
> and not TCP. But DNS lookups are quick and short, as most UDP services,
> so there could be some problems there that are not effecting me in my
> current scenario.
> 
That's good news. Normally, TCP port 53 is only used for zone
transferts, while UDP port is used for DNS queries. If you don't see
anything strange in your logs, such as "connection reset by peer", then
it means it works fine. Well, you probably already figured this out :-)

Did you tried with other UDP services ? (like timed for instance)

If it works for simple UDP servers like timed, then I would definitly
consider linux as the best OS in the world ;-)

> > Also, if our ISPs don't do rp_filtering, then we don't care what link is
> > beeing used for the replies, as soon as the saddr is correct.
> 
> Not sure here, I never got into that aspect. I just assumed they did do
> rp filtering. I played with turing rp filtering on in the Linux router,
> but in the end left it on or what ever the default is.

Anyway, if the do, it should be simple to ask them to disable
rp_filtering. I had some talks with my ISP some days ago, and according
to them, most ISPs don't bother with rp_filtering, except for private
netblocks trying to 'escape' in case of a broken NAT configuration.


-- 
Vincent Jaussaud
Kelkoo.com Security Manager 
email: tatooin@kelkoo.com

"The UNIX philosophy is to design small tools that do one thing, and do
it well."

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

      parent reply	other threads:[~2002-11-25 13:20 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-11-21 12:19 [LARTC] many ways to do load balancing (or not?) Andreas Hasenack
2002-11-21 17:46 ` Ashok N N
2002-11-21 19:11 ` Andreas Hasenack
2002-11-21 20:00 ` Ramin Alidousti
2002-11-21 22:20 ` William L. Thomson Jr.
2002-11-21 22:55 ` Christoph Simon
2002-11-21 23:41 ` Christoph Simon
2002-11-22  0:06 ` William L. Thomson Jr.
2002-11-22  0:24 ` William L. Thomson Jr.
2002-11-22  1:17 ` Ashok N N
2002-11-22 12:28 ` Andreas Hasenack
2002-11-22 12:30 ` Andreas Hasenack
2002-11-22 12:39 ` Andreas Hasenack
2002-11-22 12:41 ` Andreas Hasenack
2002-11-22 13:00 ` Christoph Simon
2002-11-22 13:26 ` Vincent Jaussaud
2002-11-22 18:05 ` William L. Thomson Jr.
2002-11-22 18:21 ` William L. Thomson Jr.
2002-11-22 18:37 ` William L. Thomson Jr.
2002-11-22 18:47 ` William L. Thomson Jr.
2002-11-22 20:34 ` Andreas Hasenack
2002-11-25 13:20 ` Vincent Jaussaud [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-103823051501994@msgid-missing \
    --to=tatooin@kelkoo.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.