PF + load balancing over 100Mbit traffic

Adam PAPAI wooh at wooh.hu
Thu Dec 3 08:44:19 UTC 2009


Dear List,

I have a feeling that PF can't do perfect round-robin load balancing 
over 100Mbit.

When our PF server's (Dual Quad Core 3Ghz with 8GB ram) network traffic 
goes over 100Mbit, the 80 port's connect time increases to 3-5-10 sec 
instead of the stable 0.001-0.002 sec. The web servers feel good, they 
don't have load, the redundant master-slave database servers feel good, 
they dont have high load. So everything seems fine, except the connect 
time. (Our checker script asks only a HEAD request from the web servers)

The internal network has Gbit connection so as the internet side.

Do you have any advice? Is it time to get a Layer 7 switch and do load 
balancing with it? Or is it possible to do it in a PF way without a 
Content Switch?

2 web servers and 2 database servers are involved.

[web 1] ---|
[web 2] ---|
[db  1] ---|---[pf/web 3/default gw]---internet
[db  2] ---|


For a while the web server on the PF server is down to test, but it does 
the same connection time with a running apache and without a running apache.

Any idea? Our internet traffic average is 100Mbit-130Mbit and the 
connect time makes me so sad.

Thanks in advance,

-- 
Adam PAPAI
NETIDEA Informatikai Szolgaltato Kft.
http://www.netidea.hu
E-mail: wooh at wooh.hu



More information about the freebsd-pf mailing list