Help : Load Balancing trouble

Hello,

I have a load balanced linux router working (thanks to lartc website).

In fact, It's working too much well ..... Some protocols, like IM
protocols (ICQ, MSN) need to keep the same route with the server .....
And my system is keeping switching route for each data sent ..... and
cause disconections or the IM network is impossible to connect ......


Is there a way to force a specific route depending on the destination
ports ?

An iptable rule missing ? an ip route setting missing ? don't know

Thanks for your help !


Here is my ip route list (I've put some X for security reason):

82.234.XXX.0/24 dev eth0 proto kernel scope link src 82.234.XXX.XXX
192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.254
82.228.XXX.0/24 dev eth2 proto kernel scope link src 82.228.XXX.XXX
default equalize
nexthop via 82.234.XXX.XXX dev eth0 weight 1
nexthop via 82.228.XXX.XXX dev eth2 weight 1


Here is my iptable rules :

Chain INPUT (policy DROP)
target prot opt source destination
INETIN all -- anywhere anywhere
ACCEPT all -- 192.168.0.0/24 anywhere
ACCEPT all -- anywhere anywhere

Chain FORWARD (policy DROP)
target prot opt source destination
INETIN all -- anywhere anywhere
INETOUT all -- anywhere anywhere
ACCEPT all -- 192.168.0.0/24 anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
INETOUT all -- anywhere anywhere

Chain INETIN (2 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp
echo-request
ACCEPT icmp -- anywhere anywhere icmp
echo-reply
ACCEPT all -- anywhere anywhere state
ESTABLISHED
ACCEPT udp -- anywhere anywhere udp
dpts:1024:65535
ACCEPT tcp -- anywhere anywhere tcp
dpts:1024:65535

Chain INETOUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere

Chain LOG_ACCEPT (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
warning
ACCEPT all -- anywhere anywhere

Chain LOG_DROP (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
warning
DROP all -- anywhere anywhere

On Sat, 26 Feb 2005 03:20:44 +0100, Judicator <(E-Mail Removed)>
wrote:

>Hello,
>
>I have a load balanced linux router working (thanks to lartc website).
>
>In fact, It's working too much well ..... Some protocols, like IM
>protocols (ICQ, MSN) need to keep the same route with the server .....
>And my system is keeping switching route for each data sent ..... and
>cause disconections or the IM network is impossible to connect ......
>
>
>Is there a way to force a specific route depending on the destination
>ports ?
>
>An iptable rule missing ? an ip route setting missing ? don't know

Did you apply Julian's route patch? It is not just for Dead Gateway
Detection.
http://www.ssi.bg/~ja/dgd.txt
http://www.ssi.bg/~ja/dgd-usage.txt
http://www.ssi.bg/~ja/nano.txt

Have you looked at this? Perhaps there is something common that could
be used in applying CONNMARK. BEWARE: nexthop will probably not
compile.
http://selab.edu.ms/twiki/bin/view/N...inuxNetworking

I have just the opposite "problem"; `ip route flush cache` is required
to shake loose the persistent routing.
http://linux-ip.net/html/tools-ip-ro...te-flush-cache

Here is how I special case by IP
ip rule add prio 50 to $DestIP/32 table $TBL
where $TBL points to the interface I want the connection to use.

buck

buck a écrit :
> On Sat, 26 Feb 2005 03:20:44 +0100, Judicator <(E-Mail Removed)>
> wrote:
>
>
>>Hello,
>>
>>I have a load balanced linux router working (thanks to lartc website).
>>
>>In fact, It's working too much well ..... Some protocols, like IM
>>protocols (ICQ, MSN) need to keep the same route with the server .....
>>And my system is keeping switching route for each data sent ..... and
>>cause disconections or the IM network is impossible to connect ......
>>
>>
>>Is there a way to force a specific route depending on the destination
>>ports ?
>>
>>An iptable rule missing ? an ip route setting missing ? don't know
>
>
> Did you apply Julian's route patch? It is not just for Dead Gateway
> Detection.
> http://www.ssi.bg/~ja/dgd.txt
> http://www.ssi.bg/~ja/dgd-usage.txt
> http://www.ssi.bg/~ja/nano.txt
>
> Have you looked at this? Perhaps there is something common that could
> be used in applying CONNMARK. BEWARE: nexthop will probably not
> compile.
> http://selab.edu.ms/twiki/bin/view/N...inuxNetworking
>
> I have just the opposite "problem"; `ip route flush cache` is required
> to shake loose the persistent routing.
> http://linux-ip.net/html/tools-ip-ro...te-flush-cache
>
> Here is how I special case by IP
> ip rule add prio 50 to $DestIP/32 table $TBL
> where $TBL points to the interface I want the connection to use.
>
> buck
>
hi,

I'll first try to apply the julian patch ...... I thought that it was
only for helping things :-)

thanks a lot for your help

About your trouble :

have a look to the netsane script : http://muse.linuxmafia.org/netsane/

maybe It'll work with it ;-)

buck a écrit :
> On Sat, 26 Feb 2005 03:20:44 +0100, Judicator <(E-Mail Removed)>
> wrote:
>
>
>>Hello,
>>
>>I have a load balanced linux router working (thanks to lartc website).
>>
>>In fact, It's working too much well ..... Some protocols, like IM
>>protocols (ICQ, MSN) need to keep the same route with the server .....
>>And my system is keeping switching route for each data sent ..... and
>>cause disconections or the IM network is impossible to connect ......
>>
>>
>>Is there a way to force a specific route depending on the destination
>>ports ?
>>
>>An iptable rule missing ? an ip route setting missing ? don't know
>
>
> Did you apply Julian's route patch? It is not just for Dead Gateway
> Detection.
> http://www.ssi.bg/~ja/dgd.txt
> http://www.ssi.bg/~ja/dgd-usage.txt
> http://www.ssi.bg/~ja/nano.txt
>
> Have you looked at this? Perhaps there is something common that could
> be used in applying CONNMARK. BEWARE: nexthop will probably not
> compile.
> http://selab.edu.ms/twiki/bin/view/N...inuxNetworking
>
> I have just the opposite "problem"; `ip route flush cache` is required
> to shake loose the persistent routing.
> http://linux-ip.net/html/tools-ip-ro...te-flush-cache
>
> Here is how I special case by IP
> ip rule add prio 50 to $DestIP/32 table $TBL
> where $TBL points to the interface I want the connection to use.
>
> buck
>