[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-pf
Subject:    Re: Hairpinning - Load Balance Groups in same subnet
From:       Stuart Henderson <stu () spacehopper ! org>
Date:       2007-03-01 10:06:36
Message-ID: 20070301100636.GO7297 () bootes ! spacehopper ! org
[Download RAW message or body]

On 2007/02/28 11:14, Michael K. Smith - Adhost wrote:
> 1) Server 1 on 10.1.1.100/24
> 2) Carp Interface on 10.1.1.200 that fronts two servers, 10.1.1.201 and
> 10.1.1.202
> 3) Some service on servers, let's say mail
> 4) Server 1 wants to use the load-balance pool, so it sends traffic to
> 10.1.1.200, which then load balances to the two servers, .201 and .202
> 
> All of this would be occurring on the same interface and I can't find
> any reference in the docs to say this will or will not work.  Has anyone
> tried something like this?

The typical problem of hairpinning is that the return path doesn't
include the LB so there's no way to 'un-rdr' the traffic (i.e. rewrite
the source address.

You can do this if you either proxy or NAT the connection so the
source address of incoming packets is that of the load-balancer.

I think it would also work if you set the default route on the
back-ends to the LB.

You might be interested in looking at hoststated(8) on recent
OpenBSD -current which includes an http-aware load balancing proxy
(see http://undeadly.org/cgi?action=article&sid=20070222041312).
[prev in list] [next in list] [prev in thread] [next in thread]