On Wed, Oct 08, 2008 at 12:12:47PM -0700, Mike Sweetser - Adhost wrote: > We're noticing some unexpected behavior regarding load balancing with > our FreeBSD 6.2 server running PF. > > We have a pool set up for a two-server cluster: > > table <web_183_roundrobin> persist { \ > 192.168.1.183 \ > 192.168.2.183 \ > } > web_183_ext="xxx.xxx.xxx.183" > > And the following rdr rule to handle it: > > rdr on ! $vlanX_if proto { udp tcp } from any to $web_183_ext port { 80 > 443 } -> <web_183_roundrobin> round-robin sticky-address > > It's working - too well. We're noticing that it's round-robining not > only based on the IP address, but the port as well - connections from > the same machine to ports 80 and 443 are hitting different servers: > > self tcp 192.168.1.183:80 <- xxx.xxx.xxx.183:80 <- yyy.yyy.yyy.80:53601 > FIN_WAIT_2:FIN_WAIT_2 > self tcp 192.168.1.183:80 <- xxx.xxx.xxx.183:80 <- yyy.yyy.yyy.80:53602 > FIN_WAIT_2:FIN_WAIT_2 > self tcp 192.168.1.183:80 <- xxx.xxx.xxx.183:80 <- yyy.yyy.yyy.80:53603 > ESTABLISHED:ESTABLISHED > self tcp 192.168.2.183:443 <- xxx.xxx.xxx.183:443 <- > yyy.yyy.yyy.80:53604 FIN_WAIT_2:FIN_WAIT_2 > self tcp 192.168.2.183:443 <- xxx.xxx.xxx.183:443 <- > yyy.yyy.yyy.80:53605 ESTABLISHED:ESTABLISHED > > Is there any way to set this so that a given client IP will hit the same > server in the pool, regardless of port?
Try the freebsd-pf list. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"