|
||||||||
On Sat, 22 May 2004, David Rodgers wrote: > > You'd better have lots of CPU available if you want to interpose a TCP > > proxy in series with every connection. > > not every connection ... just connections from the outside to the inside > server pool in a round robin fashion Oh, *that* kind of load balancing. I thought you meant *outbound* load balancing, which is a recurring request here. > I tested one of these (pydirector not balance) last night with smtp > connection to 4 machines natted behind the pydirector machine. It was an > amd k6-2 350 machine with 256mb of memory and it sustained several > hundred connections per second withought a blush. pydirector doesn't act > as a proxy just a connection redirector. If the data passes through the program, even unmodified, it's a proxy. The page you linked to calls it a proxy. Even in concept, this requires converting the data from packets to a stream and back to packets. Doing this entirely in the kernel wouldn't be cheap, and doing it in userland adds context-switching overhead and additional copying. Applying this to most traffic on a modest-performing machine that's also the firewall and NAT router could create a bottleneck. A more efficient method would be with "smart NAT", but I don't think that's possible without kernel support, even if the actual decisions are made in userland. An API for "userland-controlled NAT" would have a number of uses, though. > > Not to mention being pretty useless without multiple WAN interfaces. :-) > > Are you on crack ... why would load balancing be useless without > multiple wan interfaces? If your sole purpose for doing this was high Misunderstanding. See above. Fred Wright |