Project

General

Profile

Bug #227

Missing route groups on load balance

Added by Ker Ruben Ramos almost 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
Start date:
12/16/2009
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.0
Affected Architecture:

Description

I've got three pppoe accounts, 2 from same ISP and the other.

The two pppoe account, when connected, they have the same gateways.

When setting the round-robin route, only two routes are created in route-to pfctl. one(1) from each ISP.

I'm wondering if something like this is not allowed in route-to. Which is what I'm execting.

... route-to { (pppoe0 1.1.1.1), (pppoe1 1.1.1.1), (pppoe3 2.2.2.2) } ...

But currently it shows only this:

... route-to { (pppoe1 1.1.1.1), (pppoe3 2.2.2.2) } ...

I haven't checked on the code yet, I'll review more on this.

History

#1 Updated by Seth Mos almost 10 years ago

That limitation still stands from 1.2

Load balancing to multiple connections with the same gateway just won't work the way it is. The underlying routing table in FreeBSD can not handle this type of routing.

There might a solution we can incorporate specifically for multiple pppoe connections with the same gateway address But that is not in the planning for 2.0

#2 Updated by Ker Ruben Ramos almost 10 years ago

I'd like to verify more on this cause I remember it worked before adding the 3rd(other ISP) pppoe. Both NICs were distributing it properly.

I'll update more later when I get a hold with the box.

#3 Updated by Ker Ruben Ramos almost 10 years ago

Additional info:

I think the reason why it only gives 2 interfaces on that situation.

  • apinger configuration that's generated :
    target "x.x.45.254" {
            description "wan" 
            rrd file "/var/db/rrd/wan-quality.rrd" 
    }
    
    target "x.x.45.254" {
            description "opt1" 
            rrd file "/var/db/rrd/opt1-quality.rrd" 
    }
    
    target "x.x.240.2" {
            description "opt2" 
            rrd file "/var/db/rrd/opt2-quality.rrd" 
    }
    
  • apinger output generated missed "wan"
    Thu Dec 17 11:38:08 2009
    
    Target: x.x.45.254
    Description: opt1
    Last reply received: #40494 Thu Dec 17 11:38:07 2009
    Average delay: 42.931ms
    Average packet loss: 0.0%
    Active alarms: None
    Received packets buffer: ################################################## ####################
    
    Target: x.x.240.2
    Description: opt2
    Last reply received: #40494 Thu Dec 17 11:38:07 2009
    Average delay: 84.766ms
    Average packet loss: 0.0%
    Active alarms: None
    Received packets buffer: ################################################## ####################
    

I hope that helps.
Where can I modify apinger code?

#4 Updated by Ker Ruben Ramos almost 10 years ago

Or is there somewhere already that can specify which IP apinger will check?

#5 Updated by Chris Buechler almost 10 years ago

  • Status changed from New to Closed

You can do the route-to { (pppoe0 1.1.1.1), (pppoe1 1.1.1.1), (pppoe3 2.2.2.2) }

but it's not going to do what you expect. The OS will only see one of the 1.1.1.1 addresses, and doing it in the above fashion will make it use that one connection 2/3rds of the time, with 2.2.2.2 1/3rd of the time, with the remaining WAN unused. It has nothing to do with apinger. There is currently no way to accommodate this in PF.

I opened a feature request for this as we would like to accommodate it in the future, #228. It's a known limitation, not a bug since the underlying software cannot function in this manner.

Also available in: Atom PDF