IPv6 Load Balancer
pnl at ielo.net
Mon Mar 29 15:51:37 CEST 2010
On Mon, Mar 29, 2010 at 02:13:39PM +0200, Tore Anderson wrote:
> * Bertrand Yvain
> > Sure... but those load-balancing proxies are just that: proxies.
> I'm not sure what you trying to say. Most load-balancing solutions sits
> in front of the application servers and proxy the incoming requests to
> them. The only common form of load-balancing that does not proxy
> requests that I can think of right now is round-robin DNS.
In my understanding, NAT or DR are not proxying methods. Proxying
implies the creation of another full request stack. Would you say that
a NAT gateway is an IP proxy?
> > IMHO, load balancers should do NAT or direct routing so that real
> > servers do receive source IP address and port number.
> Some people want that, sure. Some people don't - that way the load
> balancer doesn't have to also operate as a default gateway for the
Please note that this is not required if you operate in direct routing:
only the client to server direction needs to/should flow through the
load balancer. Multi-gigabit throughput can be achieved on commodity
> Some people (read: me) also really like the opportunity to
> proxy the requests from one IP version to another, which makes it really
> easy to provide IPv6 service since only the load balancers needs to have
> any idea of what IPv6 is - everything behind them can continue to speak
This is indeed very pleasing, though native IPv6 is not that hard to
implement in a server farm.
> In this case, the source address can obviously not be retained. But
> as Jeroen pointed out, you can put it into an X-Forwarded-For header
> in the HTTP case, at least.
I still consider this quite kludgy, and HTTP is the only protocol I can
think of that has provision for that. There are also other benefits to
"full stack" proxies: reuse of TCP connections, large MTU, etc.
Anyway... as you pointed out, different needs call to different
solutions. I believe that Xavier (original poster) was looking for
NAT/DR load balancers. Linux IPVS is my personnal favourite but I have
no production experience with it's IPv6 version (which is shipped with
mainline kernel since 2.6.28, I believe).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: Digital signature
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20100329/fc0933db/attachment.bin
More information about the ipv6-ops