pf and smart sticky address for round robin - BSD

This is a discussion on pf and smart sticky address for round robin - BSD ; Hello I would like to use smart sticky address fuction. The problem is: table { 10.0.0.1, 10.0.0.2, 10.0.0.3 } rdr on xl0 inet proto tcp from any to IP_PUBLICO port 80 -> { } round-robin sticky-address pass in quick log ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: pf and smart sticky address for round robin

  1. pf and smart sticky address for round robin

    Hello

    I would like to use smart sticky address fuction.
    The problem is:

    table { 10.0.0.1, 10.0.0.2, 10.0.0.3 }
    rdr on xl0 inet proto tcp from any to IP_PUBLICO port 80 -> { }
    round-robin sticky-address
    pass in quick log on xl0 proto tcp from any to port 80 flags S/SA
    modulate state (src.track 1800)

    I want to remember old (finished) sessions traces for 30 minutes, and
    do the same decision in load balancing for that 30 minutes.

    Problem is when one of the destination hosts fail.
    If clientA is using 10.0.0.2 and 10.0.0.2 fails sticky address option
    will force pf to route traffic from clientA to 10.0.0.2 for next 30
    minutes.

    How can i solve such problem ?

    Is the exactly the same problem as described in:
    http://archives.neohapsis.com/archiv...6-05/2815.html

    but seems still unresolved.
    This problem prevents using non trivial load-balancing configurations with
    pf

    Thanx
    Michal


  2. Re: pf and smart sticky address for round robin


    avlee wrote:
    > Hello
    >
    > I would like to use smart sticky address fuction.
    > The problem is:
    >
    > table { 10.0.0.1, 10.0.0.2, 10.0.0.3 }
    > rdr on xl0 inet proto tcp from any to IP_PUBLICO port 80 -> { }
    > round-robin sticky-address
    > pass in quick log on xl0 proto tcp from any to port 80 flags S/SA
    > modulate state (src.track 1800)
    >
    > I want to remember old (finished) sessions traces for 30 minutes, and
    > do the same decision in load balancing for that 30 minutes.
    >
    > Problem is when one of the destination hosts fail.
    > If clientA is using 10.0.0.2 and 10.0.0.2 fails sticky address option
    > will force pf to route traffic from clientA to 10.0.0.2 for next 30
    > minutes.
    >
    > How can i solve such problem ?
    >
    > Is the exactly the same problem as described in:
    > http://archives.neohapsis.com/archiv...6-05/2815.html
    >
    > but seems still unresolved.
    > This problem prevents using non trivial load-balancing configurations with
    > pf
    >
    > Thanx
    > Michal


    You might get better responses from the pf-freebsd mail list


+ Reply to Thread