On 2015/09/18 20:18, David Gwynne wrote: > > > On 18 Sep 2015, at 6:17 pm, Stuart Henderson <[email protected]> wrote: > > > > On 2015-09-18, David Gwynne <[email protected]> wrote: > >> this lets pf embed the state id into the mbuf as a "flow id" so > >> other subsystems can use it. eg, trunk can pull it out and use it. > > > > I like this but it does change the path distribution. Previously all > > flows from host A to host B were bound to a single path, now they are > > spread across paths. This is good for making fuller use of paths but can > > make fault diagnosis harder. > > > > I tried to work out the best way to make this optional when I sent my > > earlier L4-hash diff (using PF states for this has similar results > > and is far more elegant) but didn't settle on an approach. Switches > > doing this usually have a single global setting (e.g. sysctl), which > > seems a bit of a blunt instrument but would be easier to apply to areas > > other than trunk (e.g. multipath routing). We could use an ioctl if > > ifconfig(8) isn't full already, though I don't think we actually need > > any more options than "L3-bound" and "per-flow" so using the existing > > link0 scaffolding would be an easier way to do this per-trunk but > > I didn't really get a feel for whether people thought that was > > good enough. > > the only "fault" ive experienced with hashing algorithms is that they all > tend to make the wrong decision, so fixing it has been rotating through their > different options till one sucks less than the others. > > is that what you're arguing for here? > > dlg
I meant faults like bad fibre, media converter, switchport, metro ethernet circuit hanging off an interface, etc. In those cases it's useful to be able to make it go over a different path by switching source IP to track things down. Also sometimes you can get insight into a problem by noticing that connections from host X in a subnet to host A have problems, but from Y to A don't, though this more applies where the person noticing the problem isn't the person who is running the system doing the load balancing.
