OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Scott Francis (darkuncle_at_darkuncle.net)
Date: Wed Oct 23 2002 - 11:15:32 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    [original post]
    I have 2 ADSL lines as uplink for small office, how can I set OpenBSD
    to use both of those for outgoing/incomming traffic?

    [my reply]
    Suggest you search the archives; this question (load balancing traffic) comes
    up periodically. You may also want to check out altq(9), and keep in mind
    that balancing ingress traffic is not possible with the setup you have.
    Balancing egress traffic may be possible, in a way, through use of
    altq/pf/nat and a pair of gateways.

    [claudio jeker's response]
    > First normaly you should not have excessive ingress traffic on ADSL
    > because this will also reduce the egress traffic.

    Not sure quite what you're trying to say here ...

    > A simple way to load balance ingress traffic would be bgpdns
    > (http://www.bgpdns.org). Have a look at the RIPE 41 Presentation for more
    > info.
    >
    > For egress traffic a bgpnat is in development but bgpnat uses FreeBSD and
    > their userland natd because complex loadbalancing does not belong into the
    > kernel. The upcomming natd form FreeBSD has already simple round robin
    > based egress load balancing. See http://diehard.n-r-g.com/stuff/freebsd/
    >
    > It should be no big problem to add a similar balancing extension to pf but
    > I did not have time to dig through the pf code.

    For the situation described by the OP, I don't think ingress traffic is
    really a concern. It sounded (to me, anyway) like he had a standard small
    office setup with 2 provider lines instead of 1. Unless the OP was planning
    some kind of hosting or other server-based stuff running off those 2 lines,
    balancing egress traffic via existing tools should be sufficient.

    [S9 <kmthemcminns.com> response to Claudio]
    > >A simple way to load balance ingress traffic would be bgpdns
    > >(http://www.bgpdns.org). Have a look at the RIPE 41 Presentation for more
    > >info.
    >
    >or just use round robin if all you want it load balancing.

    Again, from what the original post said, there was no mention of trying to
    _serve_ from this office network - merely using two providers as a very basic
    type of network redundancy, similar to what several other people have asked
    about over the last year or two (frequently in conjunction with questions on
    rate limiting as well).

    Perhaps the OP could clarify his setup and exactly what he was trying to
    accomplish? 

    --
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

    [demime 0.98d removed an attachment of type application/pgp-signature]