ISO simple non-forking TCP connection forward/balance tool
Chuck Swiger
cswiger at mac.com
Fri Jan 22 20:43:13 UTC 2010
Hi--
On Jan 22, 2010, at 12:01 PM, Chris Peiffer wrote:
> Or is there a good way to do it in the kernel that I'm missing, and
> can someone direct me to an ipnat ruleset that creates new
> connections, so the TCP forwarding machine doesn't also need to be a
> router?
I don't know about ipnat, but natd (or kernel-level IPFW NAT functionality in newer versions of FreeBSD) redirect_port will do exactly what you've asked for:

     -redirect_port proto targetIP:targetPORT[,targetIP:targetPORT[,...]]
                    [aliasIP:]aliasPORT [remoteIP[:remotePORT]]
     -redirect_address localIP[,localIP[,...]] publicIP
             These forms of -redirect_port and -redirect_address are used
             to transparently offload network load on a single server and
             distribute the load across a pool of servers.  This function
             is known as LSNAT (RFC 2391).  For example, the argument

                   tcp www1:http,www2:http,www3:http www:http

             means that incoming HTTP requests for host www will be
             transparently redirected to one of the www1, www2 or www3,
             where a host is selected simply on a round-robin basis,
             without regard to load on the net.

(Userland natd doesn't need to fork for individual connections.)
Regards,
--
-Chuck
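
Added example, not part of the original message and not code from natd or FreeBSD: a small sh helper that checks a backend pool and prints the matching redirect_port line in natd.conf form (the long option without its leading dash). The function names and all addresses are constructed for illustration, and the helper deliberately accepts only numeric IPv4 address:port pairs, although natd also takes host and service names as in the man page excerpt.

```shell
#!/bin/sh
# Build a natd LSNAT "redirect_port" line from a pool of backends.
# Hypothetical helper; sample addresses are constructed (RFC 1918 / RFC 5737).

# valid_endpoint IP:PORT -> status 0 for dotted-quad IPv4 plus port 1-65535
valid_endpoint() {
    ip=${1%:*}; port=${1##*:}
    [ "$ip" != "$1" ] || return 1                 # no colon at all
    case $port in ''|*[!0-9]*) return 1;; esac    # port must be digits only
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    case $ip in *[!0-9.]*|*.) return 1;; esac     # digits and dots, no trailing dot
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs # split the address into octets
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
}

# redirect_port_line PUBLIC_IP:PORT BACKEND_IP:PORT BACKEND_IP:PORT...
# Prints: redirect_port tcp target[,target...] aliasIP:aliasPORT
redirect_port_line() {
    pub=$1; shift
    [ $# -ge 2 ] || { echo "pool needs at least two backends" >&2; return 1; }
    valid_endpoint "$pub" || { echo "bad public endpoint: $pub" >&2; return 1; }
    targets=
    for t in "$@"; do
        valid_endpoint "$t" || { echo "bad backend: $t" >&2; return 1; }
        # A backend listed twice would get a double share of the round-robin.
        case ",$targets," in
            *",$t,"*) echo "duplicate backend: $t" >&2; return 1;;
        esac
        targets=${targets:+$targets,}$t
    done
    printf 'redirect_port tcp %s %s\n' "$targets" "$pub"
}

# Constructed pool: three web servers behind one public address.
redirect_port_line 203.0.113.10:80 10.0.0.11:80 10.0.0.12:80 10.0.0.13:80
```

The printed line can be placed in the file natd reads with -f; a malformed or repeated backend is rejected before it reaches the configuration.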