From: Andrew Beverley <andy@andybev.com>
To: "Usuário do Sistema" <maiconlp@ig.com.br>
Cc: netfilter@vger.kernel.org
Subject: Re: Load Balance
Date: Mon, 16 May 2011 22:38:32 +0100 [thread overview]
Message-ID: <1305581912.2041.15.camel@andybev-desktop> (raw)
In-Reply-To: <BANLkTim4bnzaeD9yny7uV6fBfB=k-XAc6A@mail.gmail.com>
On Mon, 2011-05-16 at 17:24 -0300, Usuário do Sistema wrote:
> >> Hello everyone, I'm deploy an test environment with load Balance in my
> >> Firewall using equalize as follow below
> >>
> >> creating the load balance:
> >>
> >> ip route add default scope global equalize nexthop via 200.247.209.65
> >> weight 1 nexthop via 201.72.12.1 weight 1
> >>
> >
> > If you are using 2 completely separate ISPs, then you will need to do
> > more than just provide equal-weighted gateways. You will need to send
> > the packets for each connection over the same ISP. The website below
> > gives more information:
> >
> > http://www.sysresccd.org/Sysresccd-networking_en_Iptables-and-netfilter-load-balancing-using-connmark
> >
<top posting fixed>
> well.... the link made available for you shows how to do load balance
> with connmark and statistic match module and it doesn't regard global
> equalize.
>
> so...I wonder there is diferent between them ?
Yes. The example at the link ensures that packets from the *same*
connection stream are always routed through the same ISP (hence the
reason for asking the question). If you don't do this, then each gateway
will only see half the packets for a connection stream, which although I
am not an expert, I guess is not a good thing.
> with global equalize is very easy I only insert one line inside of the
> script and all it's work! at least in my test environment it's
> working.
But is your test environment using one gateway with two routes?
> I want make an test as your how to but I'm using CentOS 5.6 and
> doesn't has libxt_statistic.so module because iptables version is
> 1.3.x
Use a different distro...
Andy
next prev parent reply other threads:[~2011-05-16 21:38 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-17 23:22 Load Balance Usuário do Sistema
2011-05-15 17:23 ` Andrew Beverley
2011-05-16 20:24 ` Usuário do Sistema
2011-05-16 21:38 ` Andrew Beverley [this message]
2011-05-16 22:42 ` Usuário do Sistema
2011-05-17 0:45 ` Grant Taylor
2011-05-17 17:00 ` Usuário do Sistema
2011-05-17 18:07 ` Grant Taylor
2011-05-17 20:06 ` Usuário do Sistema
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1305581912.2041.15.camel@andybev-desktop \
--to=andy@andybev.com \
--cc=maiconlp@ig.com.br \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).