Re: [LARTC] Load balancing using connmark

2007-05-10 Thread Salim S I
Francis Brosnan Blazquez wrote: Hi, I've been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano! Once implemented, I've found that due to some reason packets aren't

RE: [LARTC] Load balancing using connmark

2007-05-10 Thread Salim S I
of one,though. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salim S I Sent: Thursday, May 10, 2007 2:15 PM To: lartc@mailman.ds9a.nl Subject: Re: [LARTC] Load balancing using connmark Francis Brosnan Blazquez wrote: Hi, I've been implementing

RE: [LARTC] Load balancing using connmark

2007-05-10 Thread Francis Brosnan Blazquez
El jue, 10-05-2007 a las 16:01 +0800, Salim S I escribió: Hi Salim, Thanks for your reply, On closer look, I am wrong about shorewall. It seems to be a different approach to load balancing. They connmark the incoming packets from WAN, rather than outgoing packets. I think it should work well,

Re: [LARTC] Load balancing using connmark

2007-05-10 Thread Peter Warasin
hi people Francis Brosnan Blazquez wrote: I've been implementing a load balancing solution using CONNMARK, based After giving a try during several days, I've found that another firewall solution, shorewall [2], implements built-in load balacing for free by using the following set of

Re: [LARTC] Load balancing using connmark

2007-05-10 Thread Peter Rabbitson
Salim S I wrote: Francis Brosnan Blazquez wrote: Hi, I've been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano! Once implemented, I've found that

Re: [LARTC] Load balancing using connmark

2007-05-10 Thread Peter Rabbitson
Peter Rabbitson wrote: ... In the case of _local_ traffic - it becomes even trickier. The problem is that when sockets are created they already have a source IP (the kernel determines that by looking at the default routing table, your marks do not exist yet). This is misleading - it will

RE: [LARTC] Load balancing using connmark

2007-05-10 Thread Salim S I
: [LARTC] Load balancing using connmark Salim S I wrote: Francis Brosnan Blazquez wrote: Hi, I've been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano

Re: [LARTC] Load balancing using connmark

2007-05-10 Thread David Ford
Is there a good [single?] document explaining all of this and more? What the kernel does in POST vs PRE with respect to iproute2 and netfilter with CONNMARK and etc? Thank you, David Salim S I wrote: Let me explain why the marking is done in POSTROUTING. [...]

Re: [LARTC] Load balancing using connmark

2007-05-09 Thread Peter Rabbitson
Francis Brosnan Blazquez wrote: Hi, I've been implementing a load balancing solution using CONNMARK, based on solution described by Luciano Ruete at [1]. Gracias por el post y por apuntar en la dirección correcta Luciano! Once implemented, I've found that due to some reason packets aren't