Dividing traffic with u32 iptables filter | Unix Linux Forums | IP Networking

  Go Back    


IP Networking Learn TCP/IP, Internet Protocol, Routing, Routers, Network protocols in this UNIX and Linux forum.

Dividing traffic with u32 iptables filter

IP Networking


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 11-19-2012
new_item new_item is offline
Registered User
 
Join Date: Apr 2012
Last Activity: 31 March 2013, 6:31 AM EDT
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Dividing traffic with u32 iptables filter

I would like to divide traffic between two squid servers.

I have been thinking about using iptables u32 filter, to check last bit of ip address which is comming to gateway. Then I would like to direct even IP adresses to one squid host, and odd to the other. Is it reasonable ?

Thank you for any input,
and please forgive me for my English.

---------- Post updated at 10:17 PM ---------- Previous update was at 08:34 PM ----------

I believe that solution will be

Code:
iptables -m u32 --u32 "12&0x01=1"
iptables -m u32 --u32 "12&0x01=0"

Based on:
Netfilter Extensions HOWTO: New netfilter matches
Sponsored Links
    #2  
Old 11-19-2012
jim mcnamara jim mcnamara is offline Forum Staff  
...@...
 
Join Date: Feb 2004
Last Activity: 18 April 2014, 11:10 PM EDT
Location: NM
Posts: 10,058
Thanks: 250
Thanked 756 Times in 711 Posts
That will work to divide traffic, but you have no guarantee about load leveling which is the whole idea behind this. So, you have a statistically valid sample of previous hits?

You may find that 30% of your traffic is from one site, I do not know, I made that number up. But it would really skew you server load. For example, large companies behind firewalls may present as one single IP, and if your service is really useful to abc.com then maybe lots of users from there will connect.
Sponsored Links
    #3  
Old 11-23-2012
new_item new_item is offline
Registered User
 
Join Date: Apr 2012
Last Activity: 31 March 2013, 6:31 AM EDT
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
Your point of view seems to be correct. This matter is open for discussion. We hope that traffic will normalize to achieve equal distribution.

But this solution have to be tested on real traffic.

Any alternatives to this idea will be appreciated.

Thank you for your time.
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Traffic shaping with iptables coolatt IP Networking 0 10-13-2010 06:31 AM
Block incoming traffic FTP from internet using iptables edeamat Shell Programming and Scripting 0 09-10-2009 03:46 AM
SMTP traffic filter on FreeBSD 7.0 gateway matagou UNIX and Linux Applications 1 02-17-2009 05:50 AM
Iptables/TC: how to make masqueraded traffic go through an openVPN tun0? theVOID IP Networking 2 08-27-2008 11:46 PM
measuring traffic with iptables mdfk IP Networking 0 02-11-2004 05:43 PM



All times are GMT -4. The time now is 08:11 AM.