Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

freebsd-pf Digest, Vol 267, Issue 3

1 view

Skip to first unread message

freebsd-p...@freebsd.org

unread,

Nov 7, 2009, 7:00:19 AM11/7/09

to freeb...@freebsd.org

Send freebsd-pf mailing list submissions to
freeb...@freebsd.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
or, via email, send a message with subject or body 'help' to
freebsd-p...@freebsd.org

You can reach the person managing the list at
freebsd-...@freebsd.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-pf digest..."

Today's Topics:

1. Question about round robin (Kevin)
2. RE: Question about round robin (Kevin)
3. Re: Question about round robin (no name)
4. RE: Question about round robin (Catalin Miclaus)
5. Re: Question about round robin (Scott Ullrich)
6. Re: Question about round robin (Max Laier)
7. RE: Question about round robin (Kevin)
8. RE: Question about round robin (Kevin)
9. Re: Question about round robin (Miroslav Lachman)

----------------------------------------------------------------------

Message: 1
Date: Fri, 6 Nov 2009 10:33:22 -0500
From: "Kevin" <k...@kevinkevin.com>
Subject: Question about round robin
To: <freeb...@freebsd.org>
Message-ID: <00a201ca5ef6$7a4f3ee0$6eedbca0$@com>
Content-Type: text/plain; charset="us-ascii"

Hello,

I am curious about simple round robin load balancing w/ PF. I see how simple
it is to setup within the FreeBSD configuration file, but have a fairly
simple question.

Does PF detect if one of the addresses in the "pool" is not responsive? Or
does it just blindly send traffic to all the addresses in the pool
regardless? Is there some sort of heartbeat functionality or status check
perhaps? Has anyone accomplished something along these lines? Load balancing
would be pretty useless if I couldn't take a server out of the pool without
having to re-configure PF every time.

Any comments are appreciated!

Thanks,

Kevin
www.stardothosting.com

------------------------------

Message: 2
Date: Fri, 6 Nov 2009 11:01:24 -0500
From: "Kevin" <k...@kevinkevin.com>
Subject: RE: Question about round robin
To: "'no name'" <britne...@googlemail.com>
Cc: freeb...@freebsd.org
Message-ID: <00a501ca5efa$65640890$302c19b0$@com>
Content-Type: text/plain; charset="UTF-8"

> -----Original Message-----
> From: no name [mailto:britne...@googlemail.com]
> Sent: Friday, November 06, 2009 10:52 AM
> To: Kevin
> Cc: freeb...@freebsd.org
> Subject: Re: Question about round robin
>
> i am not quite sure but i assume pf does no availabililtty checks as
> responses from systems behind an address might take too long...
>
> - regards
>
> Am 06.11.2009 um 16:34 schrieb "Kevin" <k...@kevinkevin.com>:
>
> > Hello,
> >
> >
> >
> > I am curious about simple round robin load balancing w/ PF. I see
> > how simple
> > it is to setup within the FreeBSD configuration file, but have a
> > fairly
> > simple question.
> >
> > Does PF detect if one of the addresses in the "pool" is not
> > responsive? Or
> > does it just blindly send traffic to all the addresses in the pool
> > regardless? Is there some sort of heartbeat functionality or status
> > check
> > perhaps? Has anyone accomplished something along these lines? Load
> > balancing
> > would be pretty useless if I couldn't take a server out of the pool
> > without
> > having to re-configure PF every time.
> >
> >
> > Any comments are appreciated!
> >
> >
> > Thanks,
> >
> >
> > Kevin
> > www.stardothosting.com

I've searched the freebsd-* mailing list as well as gone through the handbook regarding load balancing w/ PF (http://www.openbsd.org/faq/pf/pools.html) and found no mention of any kind of inherent availability checks or anything along those lines. Have I missed something?

Seems that all the options (bitmask, random, source-hash, round-robin) provide for different ways to distribute traffic to the servers, but if a server dies or becomes unresponsive it would compromise the pool in itself. Most other load balancing solutions such as LVS can be incorporated with keepalived to allow for status checking.

I would love to know anyone who may have implemented a solution like that with PF + round robin.

Thanks,

Kevin

------------------------------

Message: 3
Date: Fri, 6 Nov 2009 16:51:52 +0100
From: no name <britne...@googlemail.com>
Subject: Re: Question about round robin
To: Kevin <k...@kevinkevin.com>
Cc: "freeb...@freebsd.org" <freeb...@freebsd.org>
Message-ID: <-3431979369893017739@unknownmsgid>
Content-Type: text/plain; charset=UTF-8

i am not quite sure but i assume pf does no availabililtty checks as
responses from systems behind an address might take too long...

- regards

Am 06.11.2009 um 16:34 schrieb "Kevin" <k...@kevinkevin.com>:

> Hello,
>
>
>
> I am curious about simple round robin load balancing w/ PF. I see
> how simple
> it is to setup within the FreeBSD configuration file, but have a
> fairly
> simple question.
>
> Does PF detect if one of the addresses in the "pool" is not
> responsive? Or
> does it just blindly send traffic to all the addresses in the pool
> regardless? Is there some sort of heartbeat functionality or status
> check
> perhaps? Has anyone accomplished something along these lines? Load
> balancing
> would be pretty useless if I couldn't take a server out of the pool
> without
> having to re-configure PF every time.
>
>
> Any comments are appreciated!
>
>
> Thanks,
>
>
> Kevin
> www.stardothosting.com
>
>
>
> _______________________________________________
> freeb...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "freebsd-pf-...@freebsd.org"

------------------------------

Message: 4
Date: Fri, 6 Nov 2009 17:23:14 +0100
From: "Catalin Miclaus" <Cata...@starcomms.com>
Subject: RE: Question about round robin
To: "no name" <britne...@googlemail.com>, "Kevin"
<k...@kevinkevin.com>
Cc: freeb...@freebsd.org
Message-ID:
<3A0AA7018522134597ED...@STA-HQ-S001.starcomms.local>
Content-Type: text/plain; charset="utf-8"

As workaround you can write a script to check availability and update pf config accordingly that you can run from cron every minute.

Catalin Miclaus I ISP/Data Team
Starcomms Plc.

-----Original Message-----
From: owner-fr...@freebsd.org [mailto:owner-fr...@freebsd.org] On Behalf Of no name
Sent: Friday, November 06, 2009 4:52 PM
To: Kevin
Cc: freeb...@freebsd.org
Subject: Re: Question about round robin

i am not quite sure but i assume pf does no availabililtty checks as
responses from systems behind an address might take too long...

- regards

Am 06.11.2009 um 16:34 schrieb "Kevin" <k...@kevinkevin.com>:

DISCLAIMER: The information contained in this message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and permanently delete this message and any attachments from your system. Any form of dissemination, use, review, distribution, printing or copying of this message in whole or in part is strictly prohibited if you are not the intended recipient of this e-mail. Please note that e-mails are susceptible to change. STARCOMMS PLC shall not be liable for the improper or incomplete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. STARCOMMS PLC does not guarantee that the integrity of this communication has been maintained or that this communication is free of viruses, interceptions or interferences. STARCOMMS PLC reserves the right to monitor all e-mail communications, whether related to the business of STARCOMMS or
not, through its internal or external networks.

------------------------------

Message: 5
Date: Fri, 6 Nov 2009 11:35:26 -0500
From: Scott Ullrich <sull...@gmail.com>
Subject: Re: Question about round robin
To: Kevin <k...@kevinkevin.com>
Cc: no name <britne...@googlemail.com>, freeb...@freebsd.org
Message-ID:
<d5992baf0911060835q702...@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Fri, Nov 6, 2009 at 11:01 AM, Kevin <k...@kevinkevin.com> wrote:
> I've searched the freebsd-* mailing list as well as gone through the handbook regarding load balancing w/ PF (http://www.openbsd.org/faq/pf/pools.html) and found no mention of any kind of inherent availability checks or anything along those lines. Have I missed something?
>
> Seems that all the options (bitmask, random, source-hash, round-robin) provide for different ways to distribute traffic to the servers, but if a server dies or becomes unresponsive it would compromise the pool in itself. Most other load balancing solutions such as LVS can be incorporated with keepalived to allow for status checking.
>
> I would love to know anyone who may have implemented a solution like that with PF + round robin.

Take a look at relayd and slbd.

Scott

------------------------------

Message: 6
Date: Fri, 6 Nov 2009 17:45:51 +0100
From: Max Laier <m...@love2party.net>
Subject: Re: Question about round robin
To: freeb...@freebsd.org
Cc: no name <britne...@googlemail.com>
Message-ID: <20091106174...@love2party.net>
Content-Type: Text/Plain; charset="iso-8859-1"

On Friday 06 November 2009 17:35:26 Scott Ullrich wrote:
> On Fri, Nov 6, 2009 at 11:01 AM, Kevin <k...@kevinkevin.com> wrote:
> > I've searched the freebsd-* mailing list as well as gone through the
> > handbook regarding load balancing w/ PF
> > (http://www.openbsd.org/faq/pf/pools.html) and found no mention of any
> > kind of inherent availability checks or anything along those lines. Have
> > I missed something?
> >
> > Seems that all the options (bitmask, random, source-hash, round-robin)
> > provide for different ways to distribute traffic to the servers, but if a
> > server dies or becomes unresponsive it would compromise the pool in
> > itself. Most other load balancing solutions such as LVS can be
> > incorporated with keepalived to allow for status checking.
> >
> > I would love to know anyone who may have implemented a solution like that
> > with PF + round robin.
>
> Take a look at relayd and slbd.

I was about to say ... http://www.freshports.org/net/relayd/

--
/"\ Best regards, | mla...@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News

------------------------------

Message: 7
Date: Fri, 6 Nov 2009 11:47:23 -0500
From: "Kevin" <k...@kevinkevin.com>
Subject: RE: Question about round robin
To: "'Max Laier'" <m...@love2party.net>, <freeb...@freebsd.org>
Cc: 'no name' <britne...@googlemail.com>
Message-ID: <00a801ca5f00$d182a800$7487f800$@com>
Content-Type: text/plain; charset="us-ascii"

> > Take a look at relayd and slbd.
>
> I was about to say ... http://www.freshports.org/net/relayd/

Thank you all for the suggestions so far. Ideally I'd like something that
can work with PF, such as relayd. Since this is only www load balancing, I
think that may be the best solution, although I am evaluating HAProxy as
well.

Thanks again ,

Kevin

------------------------------

Message: 8
Date: Fri, 6 Nov 2009 11:54:16 -0500
From: "Kevin" <k...@kevinkevin.com>
Subject: RE: Question about round robin
To: "'Miroslav Lachman'" <000....@quip.cz>
Cc: freeb...@freebsd.org
Message-ID: <00ab01ca5f01$c7afe580$570fb080$@com>
Content-Type: text/plain; charset="us-ascii"

> Tables are easily maintained by external applications / scripts - you
> can update theme without reloading of the rules. So you can write some
> little daemon pinging all your hosts and drop IP of unresponsive host
> from the table.
> Or you can write some complex system to monitor hosts resources (CPU
> load, free memory, disk IO, etc.) and maintain content of the table by
> this criteria so you can get balancing based on real server load.
>
> Miroslav Lachman

Since what I'm trying to do (balance simple www traffic) isn't that
complicated, I was hoping for some of this functionality to be inherent in
PF. Wishful thinking I guess :)

I wanted to avoid writing scripts, however, perhaps existing heartbeat /
status checking solutions can be integrated in this way.

Thank you

------------------------------

Message: 9
Date: Fri, 06 Nov 2009 17:49:56 +0100
From: Miroslav Lachman <000....@quip.cz>
Subject: Re: Question about round robin
To: Kevin <k...@kevinkevin.com>
Cc: freeb...@freebsd.org
Message-ID: <4AF453B4...@quip.cz>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Kevin wrote:
> I am curious about simple round robin load balancing w/ PF. I see how simple
> it is to setup within the FreeBSD configuration file, but have a fairly
> simple question.
>
> Does PF detect if one of the addresses in the "pool" is not responsive? Or
> does it just blindly send traffic to all the addresses in the pool
> regardless? Is there some sort of heartbeat functionality or status check
> perhaps? Has anyone accomplished something along these lines? Load balancing
> would be pretty useless if I couldn't take a server out of the pool without
> having to re-configure PF every time.

"The round-robin method will accept multiple individual addresses using
a list or table."

Tables are easily maintained by external applications / scripts - you
can update theme without reloading of the rules. So you can write some
little daemon pinging all your hosts and drop IP of unresponsive host
from the table.
Or you can write some complex system to monitor hosts resources (CPU
load, free memory, disk IO, etc.) and maintain content of the table by
this criteria so you can get balancing based on real server load.

Miroslav Lachman

------------------------------

End of freebsd-pf Digest, Vol 267, Issue 3
******************************************

0 new messages