Load Balancing under Linux (suggestion)
david nicol reading obsolescent UMKC mailboxes
umkc_mailbox at davidnicol.com
Fri Apr 26 05:13:18 CDT 2002
Gerald Combs wrote:
> It depends on the type of load balancing and failover you want to do. If
> you want to make sure the world can get to your mail server no matter
> what, you need to exchange routing information with more than one provider
> so that they can advertise your network to the rest of the world, and thus
> provide diverse paths for the world to get to your server.
just a mail server? it seems it would make more sense to constantly
update multiple MX records with short TTLs with all the interfaces.
> On the other hand, if you just want to make sure your company has enhanced
> outbound connectivity you can use the various tricks described in previous
> messages without the knowledge, approval, or interaction of your
> providers. However, the solutions that I saw (and suggested) seem a little
> kludgy for my tastes. There ought to be a more straightforward way to
> point iptables, ipfilter, squid et al at separate interfaces, and then
> tell them to dynamically distribute outbound load across them.
what does iptables to to current masqed connections when you alter the
rules?
If it leaves them alone it seems that you could
have a backgrounded shell that does something like
iptables -t nat -A POSTROUTING -o eth3 -j MASQUERADE
while sleep 1 do
iptables -t nat -R POSTROUTING 1 -o eth1 -j MASQUERADE
sleep 1
iptables -t nat -R POSTROUTING 1 -o eth2 -j MASQUERADE
sleep 1
iptables -t nat -R POSTROUTING 1 -o eth3 -j MASQUERADE
done
anyone feel like trying this?
.... it would confuse the hell out of FTP servers
More information about the Kclug
mailing list