IPv6 Load Balancer

Bertrand Yvain pnl at ielo.net
Mon Mar 29 15:51:37 CEST 2010 

On Mon, Mar 29, 2010 at 02:13:39PM +0200, Tore Anderson wrote:
> * Bertrand Yvain
> 
> > Sure... but those load-balancing proxies are just that: proxies.
> 
> I'm not sure what you trying to say.  Most load-balancing solutions sits
> in front of the application servers and proxy the incoming requests to
> them.  The only common form of load-balancing that does not proxy
> requests that I can think of right now is round-robin DNS.

In my understanding, NAT or DR are not proxying methods.  Proxying
implies the creation of another full request stack.  Would you say that
a NAT gateway is an IP proxy?

> > IMHO, load balancers should do NAT or direct routing so that real
> > servers do receive source IP address and port number.
> 
> Some people want that, sure.  Some people don't - that way the load
> balancer doesn't have to also operate as a default gateway for the
> servers.

Please note that this is not required if you operate in direct routing:
only the client to server direction needs to/should flow through the
load balancer.  Multi-gigabit throughput can be achieved on commodity
hardware.

> Some people (read: me) also really like the opportunity to
> proxy the requests from one IP version to another, which makes it really
> easy to provide IPv6 service since only the load balancers needs to have
> any idea of what IPv6 is - everything behind them can continue to speak
> IPv4.

This is indeed very pleasing, though native IPv6 is not that hard to
implement in a server farm.

> In this case, the source address can obviously not be retained.  But
> as Jeroen pointed out, you can put it into an X-Forwarded-For header
> in the HTTP case, at least.

I still consider this quite kludgy, and HTTP is the only protocol I can
think of that has provision for that.  There are also other benefits to
"full stack" proxies: reuse of TCP connections, large MTU, etc.


Anyway... as you pointed out, different needs call to different
solutions.  I believe that Xavier (original poster) was looking for
NAT/DR load balancers.  Linux IPVS is my personnal favourite but I have
no production experience with it's IPv6 version (which is shipped with
mainline kernel since 2.6.28, I believe).

Cheers,
-- 
Bertrand Yvain
http://www.IELO.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20100329/fc0933db/attachment.bin

More information about the ipv6-ops mailing list