lvs on freebsd setup problem,

Oliver Fromme olli at lurza.secnetix.de
Wed Jul 15 07:32:10 UTC 2009


wenew zhang <wenewboy at gmail.com> wrote:
 > I am trying haproxy. In the situation below, the LB forwards the HTTP headers to A,B,C,C,
 > but what about the web server's response to the client?
 > Does the response data still go through LB1? That is the point:
 > LB1 only has 10M bandwidth, as do the web servers.
 > In my situation, clients need to download big flash files of about 5M,
 > I need the web server to respond to the client directly.
 > Sorry to say it again,
 > I need confidence!
 > 
 > 
 > 192.168.1.1    192.168.1.11-192.168.1.14   192.168.1.2
 >  -------+-----------+-----+-----+-----+--------+----
 >         |           |     |     |     |       _|_db
 >      +--+--+      +-+-+ +-+-+ +-+-+ +-+-+    (___)
 >      | LB1 |      | A | | B | | C | | D |    (___)
 >      +-----+      +---+ +---+ +---+ +---+    (___)
 >      haproxy        4 cheap web servers

Just a question:  Did you consider DNS-based round-robin?
It's a very simple solution if you just need LB (not HA),
and the traffic doesn't have to go through a single proxy
so there is no bottleneck problem.

The downside is, of course, that you need multiple external
IP addresses.

If you have only one IP address, a "poor man's round-robin"
solution would be to balance the traffic by port numbers:
The internal web servers are assigned port numbers from 81
to 84.  On port 80 there is only a simple script that
returns redirects to ports 81 to 84 in random order.
The downside is that the port number appears in the URL
line of the client browser, which is ugly.  (Putting a
proper <BASE> tag in the header of all of your HTML pages
mitigates the problem a little bit, though.)

A "clean" solution will involve some kind of transparent
proxy or gateway that handles the incoming packets and
forwards them to a random web server (but it must be the
same web server for all packets belonging to the same TCP
connection), then have the web server send the reply
directly to the client.

I think you might be able to do this with a bunch of IPFW
"fwd" rules.  The LB machine will have "fwd" rules with
the "prob" tag to forward incoming packets to a random web
server.  Using the "keep-state" tag will make sure that
packets belonging to the same TCP connection will go to
the same web server.  The web servers should send the
reply packets directly to your outgoing router.  You have
to be careful with NAT.  I haven't tried to do this myself,
but it should be possible to make it work.

All of the above can be done without third-party software.

Best regards
   Oliver

-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Commercial register: Munich registry court, HRA 74606,  Management:
secnetix Verwaltungsgesellsch. mbH, Commercial register: Munich registry
court, HRB 125758,  Managing directors: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD services, products and more:  http://www.secnetix.de/bsd

"The last good thing written in C was
Franz Schubert's Symphony number 9."
        -- Erwin Dieterich
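
The port-80 redirect script from the "poor man's round-robin" paragraph above, sketched as an added example that is not part of the original message. The host name `www.example.com` and the allowlist are assumptions; the redirector only ever points at an allowlisted name, so a forged `Host` header cannot turn it into an open redirect.

```python
import random
from http.server import BaseHTTPRequestHandler, HTTPServer

BACKEND_PORTS = (81, 82, 83, 84)        # web servers A-D, ports as in the message
ALLOWED_HOSTS = {"www.example.com"}     # assumption: the site's public name(s)
DEFAULT_HOST = "www.example.com"        # used when the Host header is not allowlisted


def redirect_target(host_header, path, rng=random):
    """Build the Location URL for one request.

    The Host header is client-controlled, so it is only echoed back when it
    matches the allowlist; anything else falls back to DEFAULT_HOST.
    """
    host = (host_header or "").split(":")[0].strip().lower()
    if host not in ALLOWED_HOSTS:
        host = DEFAULT_HOST
    # Absolute-form request targets ("http://other/...") are not passed on.
    if not path.startswith("/"):
        path = "/"
    port = rng.choice(BACKEND_PORTS)    # random backend per request
    return "http://%s:%d%s" % (host, port, path)


class Redirector(BaseHTTPRequestHandler):
    """Answers every GET/HEAD with a 302 to one of the backend ports."""

    def do_GET(self):
        location = redirect_target(self.headers.get("Host"), self.path)
        self.send_response(302)
        self.send_header("Location", location)
        self.send_header("Content-Length", "0")
        self.end_headers()

    do_HEAD = do_GET


if __name__ == "__main__":
    # Binding to port 80 needs root (or an equivalent privilege) on FreeBSD.
    HTTPServer(("", 80), Redirector).serve_forever()
```

Only the redirect passes through port 80; the 5M download itself is served by whichever backend port the client was sent to.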

