Re: using natd to load balance port 80 to multiple servers
From: Chuck Swiger (cswiger_at_mac.com)
Date: 10/23/04
- Previous message: Randy Bush: "Re: SCTP in KAME / Re: Removing T/TCP and replacing itwithsomething simpler"
- In reply to: Stephane Raimbault: "using natd to load balance port 80 to multiple servers"
- Next in thread: Julian Elischer: "Re: using natd to load balance port 80 to multiple servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 23 Oct 2004 12:11:41 -0400 To: Stephane Raimbault <segr@hotmail.com>
Stephane Raimbault wrote:
> I'm currently using a freebsd box running natd to forward port 80 to
> several (5) web servers on private IP's.
OK.
> I have discovered that natd doesn't handle many requests/second all that
> well (seem to choke at about 200 req/second (educated guess))
Let's take that number as being right, although the first consideration when
doing performance tuning is that you need to measure things accurately enough
that you can see whether a change makes a meaningful difference.
There are plenty of tools available in the ports tree, although you could
start with "ab" from apache.
Next, you ought to read "man tuning" and look into adjusting HZ, NMBCLUSTERS
in your kernel config, using any hardware support for your NICs (-link0
option) or try using device polling.
You should probably investigate the net.inet sysctls, particularly those
controlling retransmit time intervals net.inet.tcp.rexmit_min and the
keepalive and net.inet.ip.fw.dyn*lifetime tunables.
> There are other packet filtering options on FreeBSD and I wonder if I
> can use them to do what I'm trying to do with natd.
It's true that natd runs in userspace, which creates more overhead, so using
PF instead might be worth doing, sure.
> Would someone be able to point me to documentation or help me have
> either ipf/ipfw/pf forward port 80 traffic to private space IP's?
Consider http://www.openbsd.org/faq/pf/index.html
> Is there a better way of split port 80 traffic across multiple
> webservers that has elduded me? Other then a comercial content switch
> that is :)
Oh, sure.
The most obvious solution to the problem is to give all of the servers real
IPs and use some other form of balancing (DNS round-robin, or splitting the
content somehow [static vs dynamicly generated?]), and avoid dealing with NAT
altogether.
-- -Chuck _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- Previous message: Randy Bush: "Re: SCTP in KAME / Re: Removing T/TCP and replacing itwithsomething simpler"
- In reply to: Stephane Raimbault: "using natd to load balance port 80 to multiple servers"
- Next in thread: Julian Elischer: "Re: using natd to load balance port 80 to multiple servers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
