Re: redirecting connections based on probability


Am Fr, 29.02.2008, 16:35, schrieb Bartosz Giza:
Hi,

I have to do such a thing like redirecting connections to port 80 based on
probability. For example i need to redirect 10% requests to my web server
and
other 90% of requests should go to the original location.

I know that pf has probability feature but there is no probability option
for
rdr rules. I have tryied couple of methods that could work but they didn't
:(

The problem is that rdr rules works on incoming packets so i can't use
them
dirrectly because i don't want to redirect all packets to different
location.

Could somebody tell me is such a thing possible in pf ? If yes please
point me
how is that possible.

Say you want to share 1/3 -> IP_A and 2/3 -> IP_B (for the sake of brevity):

rdr on $ext_if proto tcp from any to any port 80 \
-> { $IP_B, $IP_A, $IP_B } round-robin

This also works with random pool selection. src-hash and bitmask are
obviously another story. sticky-address might also skew the results, but
could be a good idea nontheless.

--
/"\ Best regards, | mlaier@xxxxxxxxxxx
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • Re: redirecting connections based on probability
    ... I have to do such a thing like redirecting connections to port 80 based ... For example i need to redirect 10% requests to my web ... I know that pf has probability feature but there is no probability option ... The problem is that rdr rules works on incoming packets so i can't use ...
    (freebsd-net)
  • Re: POE and Port Redirection
    ... > The client will create many session on the same port on the Server. ... > redirect, but I am at a loss from where to from here. ... sub forwarder_create { ...
    (comp.lang.perl.misc)
  • Virtual host "lite"?
    ... redirect an incoming we request based on DNS name, ... "http://webmail.domain.com " will automatically be redirected to port ... fall over and the Boss works out what a "server" is.. ...
    (comp.os.linux.networking)
  • Re: port redirect not accepted?
    ... I'm using an ubuntu box with IPTables 1.3.3, ... I want to route all incoming connections to port 6603 to be redirected to port 3306; ... I made a redirect for this which does just that, but now it still doesn't accept it, because my default input rule is to DROP. ... My box hangs on the net and has two interfaces, eth0 and 1. ...
    (comp.os.linux.networking)
  • SuSE 9.1: iptables problem (-t nat OUTPUT) - a bug???
    ... the address translation in the OUTPUT nat table is not ... redirect an access to the external destination port 80 to port 3128 ... In the firewall script above I have installed a redirect in the ... PREROUTING chain and I have locked the INPUT chain in order to be able ...
    (comp.os.linux.networking)