D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Routing Strangeness



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 03 June 2002 12:30 pm, Theo Zourzouvillys wrote:
Failing that i can't get it working
here, we need to get another one (one for internal, one for external) - and
they're not cheap at 25k a pop!

ok, so i gave in. and did somethign even more funky - putting cisco/arpt to 
shame ;)

and it was just too easy.

two linux boxes, set as a gateway one ar primary gateway, one as secondary (on 
the webservers).

a simple perl daemon that monitors the servers continuously, via connecting to 
the webserver itself and checking it gets a HTTP 200 OK back, if it doesn't 
respond within 5 seconds, i use my IPTables perl module 
(http://theo.me.uk/pages.shtml?page=IPTables) to add or remove the server, 
which is a standard DNAT rule balanced over all the servers.

the only problem with this is i can't weigh servers depending on their 
response time (the arrowpoints use ACA, or "Arrowpoint Content Aware) to work 
out how many conenctions each one currently has, as well as how fast they are 
building up and bashing down fglows to see which servers should deal with the 
next flow.

So what i'm thinking of doing now is writting an iptables extension that talks 
to a userspace daemon (that monitors the services) to set wieghts, then 
balance acordingly.  Hmm.

the only question i have though...

to do that and make the linux boxes themself truly load balanced, i'd have to 
share the conntrack hash bucket over both servers, which would be daunting to 
say the least - it sure ain't possible right now, but might not be too hard 
to implement in a module, possibly talkign via a serial cable?  has anyone 
had any experiance with load balancing NAT and stateful flows through linux 
boxes?

Yes, i know lvs does this sort of stuff in a way - but lvs doesn't do it 
properly either, it uses a promary and secondard sorry server methology, 
which isn't waht i need - i need both boxes to be constantly active to handle 
the traffic.

any thoughts, comments to my madness would be appreciated.

~ Theo, who is gonna be up for the day now.

- -- 

Theo Zourzouvillys
http://zozo.org.uk/

Chess tonight.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9DEZM448CrwpTn6YRAp7RAJ9SgVU2mMCXENdVouutLLv/QFwL0wCg7t3y
lczrekDXxiULVb68QV/Iarg=
=VA6f
-----END PGP SIGNATURE-----


--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly