Two gateways, port-based load balancing

Hello,
I have a simple question on Mac OS X Leopard/SL Server regarding the use of 2 distinct internet connections on a single LAN.
Gateway #1 : 10.0.1.1 (delivering IPs) - 18 mbps
Gateway #2 : 10.0.1.254 - 4 mbps
Any computer accessing the network is delivered an IP by the DHCP server (10.0.1.1), and thus uses #1 as its main gateway.
The main server (10.0.1.16) is running DNS services and a Squid proxy-cache.
Now, is it possible to set all the computers that connect to the network up so that they use the main server as their main gateway and see their requests redirected to #1 or #2 according to the port in use?
For example:
mail,http,https,jabber -> #1
skype,rtsp,... -> #2
Thank you very much for your help
Tha

is it possible to set all the computers that connect to the network up so that they use the main server as their main gateway and see their requests redirected to #1 or #2 according to the port in use?
No. Routing is based on destination IP address, not port.
Therefore each client will send all traffic for a specific address to a specific router address. It doesn't matter whether it's talking HTTP, SMTP, IMAP, POP, AIM, or any other protocol - any traffic for that IP will go to the same router.
You have three ways of getting around this.
One is to install a router that supports dual WAN connections. Point all internal clients to the LAN address of the router and let it do the work of routing the traffic as needed, based on its routing policies (routers may be able to route based on port).
Option two is to set up a proxy server for specific services - for example you could set up an HTTP/HTTPS proxy server on a machine that has router #1 as its default gateway and configure the clients to talk to router #2. All traffic on the clients will go over router #2 except the proxied traffic, which will go to the proxy and then out via router #1.
This is relatively simple to set up, but is limited to traffic that can be easily proxied (e.g. that probably excludes email).
The third option is static routing. Look at the servers each machine is contacting and set up static routes for the smaller set of addresses. For example, if you're only splitting off traffic to Skype's servers then set each client with a default route of router #1, and static routes to Skype's server to router #2. Now all traffic except that to Skype will use router #1.
This is really only viable if you have a relatively small number of destination addresses you're trying to divert. That's why it works well for Skype (single server address), but wouldn't work well for something more generic such as 'web traffic' since you cannot predict which web servers (and therefore which IP addresses) need static routes.
Of the three options, only option #1 will cover all protocols for all clients, but it's also the only option that costs $$s if your current router doesn't support multiple WAN interfaces.
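The difference between destination-based routing (what the clients and option three do) and a port-aware policy lookup (what a dual-WAN router in option one may offer), as an added example that is not part of the original posts. The gateway addresses come from the question; 203.0.113.10 and 198.51.100.7 are constructed documentation addresses, the port table is an assumed policy built from the standard SMTP, HTTP, HTTPS, XMPP and RTSP ports, and all function names are hypothetical.

```python
import ipaddress

GW1 = "10.0.1.1"    # gateway #1 from the question (18 Mbps)
GW2 = "10.0.1.254"  # gateway #2 from the question (4 Mbps)

# Option three: default route via #1 plus a static host route via #2.
# 203.0.113.10 is a constructed stand-in for "Skype's server".
STATIC_ROUTES = [
    (ipaddress.ip_network("0.0.0.0/0"), GW1),
    (ipaddress.ip_network("203.0.113.10/32"), GW2),
]

# Option one: an assumed port policy on a dual-WAN router.
# 25 SMTP, 80 HTTP, 443 HTTPS, 5222 XMPP (jabber) -> #1; 554 RTSP -> #2.
PORT_POLICY = {25: GW1, 80: GW1, 443: GW1, 5222: GW1, 554: GW2}

# Constructed sample flows: (destination address, destination port).
FLOWS = [
    ("198.51.100.7", 80),
    ("198.51.100.7", 554),
    ("203.0.113.10", 443),
    ("203.0.113.10", 554),
]


def destination_next_hop(dst_ip, routes=STATIC_ROUTES):
    """Longest-prefix match on the destination address only.

    The port never enters the lookup, which is why a plain client
    cannot split traffic to one address across two gateways.
    """
    addr = ipaddress.ip_address(dst_ip)
    matches = [(net, gw) for net, gw in routes if addr in net]
    if not matches:
        raise LookupError(f"no route to {dst_ip}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def policy_next_hop(dst_ip, dst_port):
    """Port rule first; fall back to the destination lookup."""
    return PORT_POLICY.get(dst_port) or destination_next_hop(dst_ip)


def compare(flows):
    """Return (dst, port, destination-based gw, policy-based gw) rows."""
    return [
        (ip, port, destination_next_hop(ip), policy_next_hop(ip, port))
        for ip, port in flows
    ]


if __name__ == "__main__":
    for row in compare(FLOWS):
        print("%-14s %5d  dest-only=%-10s policy=%s" % row)
```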

Similar Messages

  • Cisco MDS Port channel load balancing

    A customer recently asked an interesting question about exchange based load balancing on an FC port channel. The platform is UCS with an 8 and 16 port channel per fabric interconnect on two separate UCS domains. The application is Oracle's data warehousing which has been known to saturate 4 x 8gb fc links. Since the balancing method is exchange based what constitutes the start and end of an exchange? We are trying to avoid a condition where an intense read write conversation locks to a single link in the port channel and is not spread across 8/16 links. Where can I find more information about exchange based routing protocol or how should I go about managing extreme io in a converged infrastructure?

    The default loadbalance method on FI and MDS is src-dst-ox-id based. Note that loadbalancing is done by a device on *outgoing traffic*. FI and MDS do not have to negotiate anything here. Technically, one device can do src-dst-id based while the other can use src-dst-ox-id. However, in your case there is no reason for such a change.
    As I wrote before, If all of the links in the port-channel are touching the max capacity, you should recommend your customer to increase links in the bundle (max 16) or upgrade to 16G links. If few of the links are heavily utilized while other links in the same port-channel are under utilized, you may want to check the application or HBA for capability of breaking down the large reads/writes under smaller exchanges. If no traffic is going on few of the links at all, then I would suspect UCS to FI pinning as well.

  • Session based load balance + Prepared statements

    Experts,
    From the docs I understand that there are 3 load balancing techniques. One is client side and two are server side. Of the two, one is session count based load balancing, and as per docs, it is recommended for connection pool setting.
    My question is if I have prepared statements originally created using connection to node1, and say if listener re-directs the connection to another node node2, will the prepared statement work on node2?
    Thanks
    Vissu

    Just to clarify, the question is:
    Are the prepared statements usable when we use session count based load balancing.

  • Nexus port channel load balance

    Hi
    I just want to clarify one setting for the port channel load balance on Nexus 6k switch. If I use the load balance option source-dest-ip-only, will the following four conversations be load balanced?
    10.10.10.1 -> 192.168.1.1
    10.10.10.2 -> 192.168.1.1
    10.10.10.1 -> 192.168.1.1
    10.10.10.1 -> 192.168.1.2
    Thanks. Leo

    Hi Leo,
    I think there may be a typo in your question as I only see three conversations and not four. That aside I've not seen the Nexus port-channel load balancing sufficiently well documented to be able to give you the exact answer.
    In their configuration guides Cisco only include the following statement:
    Cisco NX-OS load balances traffic across all operational interfaces in a port channel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel.
    There is other documentation that states the load balancing algorithm uses a CRC-8 based polynomial, but as we don't know exactly which parts of the frame are used in the calculation, I don't see it's possible to calculate the answer and so derive the link that will be used for a given conversation.
    While I've not seen full documentation regarding the science used in the calculation, what Cisco have done is provide a command on the switch CLI that will allow you to determine which link of a port-channel will be used.
    If you run the command show port-channel load-balance forwarding-path interface port-channel vlan src-ip dst-ip then one of the parts of the output is the member link of the port-channel that will be used for that flow.
    You can find full details of the options for the show port-channel load-balance command in the command reference.
    One other point to remember is that the load balancing across a port-channel is unidirectional, and the hashing might be completely different for the return flow of a conversation. For example it is entirely possible that traffic from A to B could use one link of a port-channel, while the return traffic from B to A for the same conversation could use a different link.
    In general I would use the source-dest-port option for load balancing on the Nexus switches as this will obviously include the Layer-4 port numbers in the calculation, and so give you a better distribution of flows across all member links.
    Regards
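How a hash-to-link selection of the kind described in this reply behaves, as an added example that is not part of the original thread and is not Cisco's algorithm. The CRC-8 polynomial 0x07, the field order in the hash key and all function names are assumptions; only the mode names and the four listed conversations come from the posts.

```python
import ipaddress
from collections import Counter

# The four lines listed in the question (the first and third are identical).
LEO_FLOWS = [
    ("10.10.10.1", "192.168.1.1"),
    ("10.10.10.2", "192.168.1.1"),
    ("10.10.10.1", "192.168.1.1"),
    ("10.10.10.1", "192.168.1.2"),
]


def crc8(data, poly=0x07):
    """Bitwise CRC-8 (x^8+x^2+x+1, init 0). A stand-in hash only."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ poly) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def select_link(mode, n_links, src_ip, dst_ip, src_port=0, dst_port=0):
    """Reduce the chosen header fields to a member-link index."""
    key = ipaddress.ip_address(src_ip).packed + ipaddress.ip_address(dst_ip).packed
    if mode == "source-dest-port":
        # Assumed layout: addresses followed by both Layer-4 ports.
        key += src_port.to_bytes(2, "big") + dst_port.to_bytes(2, "big")
    elif mode != "source-dest-ip-only":
        raise ValueError(f"unknown mode {mode!r}")
    return crc8(key) % n_links


def leo_links(n_links):
    """Link chosen for each listed conversation under source-dest-ip-only."""
    return [select_link("source-dest-ip-only", n_links, s, d) for s, d in LEO_FLOWS]


def spread(mode, n_links, src="10.10.10.1", dst="192.168.1.1"):
    """Flows per link for 256 connections between one host pair.

    The connections differ only in destination port (1024..1279).
    """
    return Counter(
        select_link(mode, n_links, src, dst, 40000, 1024 + i) for i in range(256)
    )


def asymmetric_flows(n_links, a="10.10.10.1", b="192.168.1.1"):
    """Count flows whose return traffic hashes to a different link."""
    count = 0
    for i in range(256):
        port = 1024 + i
        out = select_link("source-dest-port", n_links, a, b, 40000, port)
        back = select_link("source-dest-port", n_links, b, a, port, 40000)
        count += out != back
    return count


if __name__ == "__main__":
    print("listed conversations:", leo_links(4))
    for mode in ("source-dest-ip-only", "source-dest-port"):
        print(mode, dict(sorted(spread(mode, 4).items())))
    print("flows returning on another link:", asymmetric_flows(4))
```

On a real switch the authoritative answer for a given flow is still the show port-channel load-balance forwarding-path command quoted in the reply.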

  • Patch applying on Two node application server(load balancing)

    Hi,
    We have two application servers with load balancing with PCP.
    I want to know about the order of applying patches.
    First the patch has to be applied on the primary application node,
    and next it has to be applied on the secondary application node.
    Please confirm.
    Regards,
    maleem

    maleem wrote:
    Hi Mapps,
    We do not have a shared application tier. I think in that case we have to apply patches on both application nodes.
    Am I right? Please correct me if I am wrong.
    Regards,
    maleem
    Correct.
    Thanks,
    Hussein

  • How can ftp service on non-standard port be load balanced using Cisco ACE.

    How can ftp service on non-standard port be load balanced using Cisco ACE? For example, ftp service required on tcp 2000 port.

    Hi Samarjit,
    You can do this by specifying the port number in the class map that you create. Please find the below mentioned config guide where you can specify the tcp/udp port, range of ports or even the wild card to match the port.
    http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/v3.00_A1/configuration/administration/guide/mapolcy.html#wp1318826
    Regards
    Abijith

  • Port Channel Load-Balancing Algorithm (North Bound)

    I'm trying to figure out what the load balancing algorithm for the 6100 and 6200 FIs for the Northbound connections. I can't find any documentation on how to change it.
    The Nexus 7000s use an 8-bit hash, making it very easy to do something other than 2, 4, or 8 link port channel and get even (at least algorithmically) distribution.
    Catalyst switches (not sure about Sup2T though) would use a 1, 2, or 3-bit index, which would skew traffic algorithmically if you used a non-power of 2.
    Looking at the 5K documentation, it seems to use the Catalyst style (though haven't been able to confirm). My guess is that whatever is used for the 5Ks is used for the 6100/6200.
    Design wise, this would mean you would want to use powers of 2 for your NB uplinks.

    Hello Tony,
    On UCS FI, it uses " sr-cdest-ip " as the load balancing algorithm and uses 8 parameters for hashing
    6248-01-B(nxos)# sh port-channel load-balance
    Port Channel Load-Balancing Configuration:
    System: source-dest-ip
    Port Channel Load-Balancing Addresses Used Per-Protocol:
    Non-IP: source-dest-mac
    IP: source-dest-ip source-dest-mac
    6248-01-B(nxos)# show platform fwm info pc port-channel 1
    dump pc info: if_index 369098752 dump_all 0 verbose 1
    Po1: state 0x0  #pifs 1  fwimpd ctx 0x9666c1c
    Po1: hash params - l2_da 1 l2_sa 1 l3_da 1 l3_sa 1
    Po1: hash params - l4_da 1 l4_sa 1 xor_sa_da 1 hash_elect 1
    I could not find an option to change these values.
    Padma

  • Health based load balancing.

    I know that RM can provide health based load balancing e.g. RM will stop giving the load if WEF server is not healthy. We have a F5 load balancer, Can't we get the health based load balancing using F5?
    Regards Restless Spirit

    I think you can do. You can specify the number of monitors that must report a pool member as being available before that member is defined as being in an up state.
    Check this support article; it will give you different methods of load balancing:
    Load Balancing pool
    Please remember to mark your question as answered & vote helpful, if this solves/helps your problem. Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

  • Nexus 6K: Port-Channel Load-Balance

    Hi all,
    I configured "port-channel load-balance ethernet source-dest-mac" on Nexus 6001. But when I use "show run all | in load-balance", it displays module 1 and module 2 are still using source-dest-ip for port-channel load-balance. And for command "show port-channel load-balance" and "show port-channel load-balance forwarding-path interface", it still shows switch using MAC for hash algorithm. The NXOS is 6.0(2)N1(2a).
    Does anybody know:
    -  What is the function of "port-channel load-balance ethernet source-dest-ip module" and in which situation this command will be effective?
    -  It shows "port-channel load-balance ethernet source-dest-ip module" command for both module 1 and 2. Module 1 is N6K Supervisor and module 2 is 4xQSFP Ethernet Module. Is it possible to set different load-balance algorithm  to these 2 modules?   
    # show run all | in load-balance
    port-channel load-balance ethernet source-dest-mac
    port-channel load-balance ethernet source-dest-ip module 1
    port-channel load-balance ethernet source-dest-ip module 2
    # show port-channel load-balance
    Port Channel Load-Balancing Configuration:
    System: source-dest-mac
    Port Channel Load-Balancing Addresses Used Per-Protocol:
    Non-IP: source-dest-mac
    IP: source-dest-mac
    # show port-channel load-balance forwarding-path interface port-channel 30 vlan 150 src-ip 172.25.228.6 dst-ip 172.25.226.97
    Missing params will be substituted by 0's.
    Load-balance Algorithm on switch: source-dest-mac
    crc_hash: 977 Polynomial: CRC10b        Outgoing port id  Ethernet1/2
    Param(s) used to calculate load-balance:
            seed: 0x701
            dst-mac:  0000.0000.0000
            src-mac:  0000.0000.0000
    # show module
    Mod Ports Module-Type                         Model                  Status
    1   48    Norcal 64 Supervisor                N6K-C6001-64P-SUP      active *
    2   10    Nexus 4xQSFP Ethernet Module        N6K-C6001-M4Q          ok
    Mod  Sw              Hw      World-Wide-Name(s) (WWN)
    1    6.0(2)N2(3)     1.0     --
    2    6.0(2)N2(3)     1.0     --

  • Nexus - port-channel load balancing

    Port-channel   load balancing is a global command or interface command in Nexus switch?
    Thanks,
    Manu

    Hi,
    It's a global command; port-channel load-balance ethernet.
    You can find details in the Configuring Load Balancing Using Port Channels section of the Nexus 5500 Series NX-OS Interfaces Configuration Guide.
    Regards

  • URL-Based Load Balancing

    I'm having a difficult time trying to configure load balancing on my CSM based on the URL entered. Here is my scenario:
    Two web servers (WebA & WebB), load balanced on a CSM. WebA & WebB have 90% the same content, so most traffic can be load balanced between them without a problem. The problem (for me anyway) comes in where WebA has certain web sites that WebB doesn't, and vice versa. So I need to load balance to both for 90% of the traffic, and point traffic to a particular server the other 10% of the time based on the URL entered.
    Below is the test config I have so far (that doesn't work correctly), what I am trying for in this example is that any URL that contains /vhosts/ or /programs/ be directed to WebA, and any URL that contains /platform/ or /ssl/ be directed to WebB, and all other traffic be load balanced between the two evenly. (For testing purposes, the servers are being load balanced in "bridge-mode", in production they will be "routed-mode"....I didn't want to go through the change controls to change the IP addresses for the test servers!).
    module ContentSwitchingModule 2
    vlan 605 client
    ip address 10.63.240.4 255.255.255.0
    gateway 10.63.240.1
    vlan 606 server
    ip address 10.63.240.4 255.255.255.0
    natpool URL-POLICY-TEST 10.63.240.204 10.63.240.204 netmask 255.255.255.254
    map SRV-A url
    match protocol http url /vhosts/*
    match protocol http url /programs/*
    map SRV-B url
    match protocol http url /platform/*
    match protocol http url /ssl/*
    serverfarm URL-POLICY-TEST
    nat server
    nat client URL-POLICY-TEST
    real 10.40.109.100
    inservice
    real 10.40.109.101
    inservice
    serverfarm URL-TESTA
    nat server
    nat client URL-POLICY-TEST
    real 10.40.109.100
    inservice
    serverfarm URL-TESTB
    nat server
    nat client URL-POLICY-TEST
    real 10.40.109.101
    inservice
    policy TESTWEB-A
    url-map SRV-A
    serverfarm URL-TESTA
    policy TESTWEB-B
    url-map SRV-B
    serverfarm URL-TESTB
    vserver URL-POLICY_TEST
    virtual 10.63.240.10 tcp 0
    vlan 605
    serverfarm URL-POLICY-TEST
    sticky 1
    persistent rebalance
    slb-policy TESTWEB-A
    slb-policy TESTWEB-B
    inservice

    Thanks for the reply Gilles....I've been out of the office for a while.
    Well, right now nothing is working....except that all traffic is going to the default server farm assigned to the vserver. Here are the URLs I am testing with:
    **************TEST A************
    http://10.63.240.10/manual/vhosts/fd-limits.xml
    http://10.63.240.10/manual/programs/apachectl.xml
    **************TEST B************
    http://10.63.240.10/manual/platform/ebcdic.xml
    http://10.63.240.10/manual/ssl/ssl_compat.xml
    ***************BOTH****************
    http://10.63.240.10/manual/howto/htaccess.xml
    http://10.63.240.10/manual/howto/cgi.xml
    When I try attaching to the first URL for example, here is the connection info (I trimmed it down so it will fit here):
    MOSL1S1A#sh mod csm 2 real
    real server farm Conns/hits
    10.40.109.100 URL-POLICY-TEST 1
    10.40.109.101 URL-POLICY-TEST 0
    10.40.109.100 URL-TESTA 0
    10.40.109.101 URL-TESTB 0
    MOSL1S1A#
    MOSL1S1A#sh mod csm 2 conn
    prot vlan source destination
    In TCP 605 10.47.10.10:3738 10.63.240.10:80
    Out TCP 605 10.40.109.101:80 10.63.240.204:8820
    I've tried changing the syntax on the URL statement in the map as such:
    /manual/*
    */manual/*
    /manual/
    *manual*
    /manual*

  • Rv042 dual-wan threshold based load balance?

    I have an RV042 (it's old, silver/dark grey plastic front one) w/ firmware 1.3.13.02-tm.
    The reason we bought this (long ago) was to balance two WAN connections, one with unlimited data and one capped monthly.  It did that once, but for a couple years both connections have been unmetered so it's just been balancing them 50/50.  As of today one WAN connection (the new much faster one) is back to being metered but I can't figure out how to configure the RV042 as it once was to prefer sending traffic over the slow, unmetered connection first, and only use the faster metered connection when necessary.
    It's been a long time and honestly I only vaguely remember the ability to prioritize a connection based on % of bandwidth used so that all traffic would go over the unlimited connection 1st until it was flooded, and only then fall over to the metered connection.  This is totally different than the weighted round robin, or smart link backup.
    I found this 3rd-party forum post that supports that vague memory and suggests this was eliminated between firmware 1.23 and 1.3:
    http://www.linksysinfo.org/index.php?threads/rv042-load-balancing-options-from-the-manual-where-to-find.15512/#post-69948
    So I humbly ask...  Is it possible to replicate this functionality with the current firmware? If so, how?  If not, how do I roll back to firmware 1.23?
    It sounded like perhaps I could assign WAN1 a bandwidth of 100000 (even though it's really 1500) and then assign WAN2 a bandwidth of 1 (even though it's really 20000) and the result might be the prioritization I'm looking to achieve...  but I feel like I'm stumbling in the dark at this point.
    Just FYI, I'm not at all opposed to buying new hardware to achieve this if it's not terribly expensive (ie. <$200).  I'd rather not, but I've got to solve this quick.

    Hi Jon,
    I also have one of these routers.
    On the bottom mine says (v02) which means its hardware version is 2.
    I just got this one brand new for home as I have been using them for a very long time now. However I have been using them for VPN and now I am needing the same functionality as you.
    I am currently running Firmware Version: 1.3.12.19-tm
    If you login to the web management (eg 192.168.1.1) and go to System Management > Dual-WAN
    Down the bottom you will see "Protocol Binding".
    This is all I know of to send specific ports or applications via a specific WAN.
    I'll give you an example of how I am using it currently.. (BTW it seems to be working OK, But you are on a higher firmware)
    eg: WAN1 is more reliable than WAN2 which is a cheap unlimited service.
    So I bind port 5060 (sip), port 80 (http) and port 443 (https) to WAN1 so that my VOIP phone is on the good service and so is all web traffic.
    so all the other stuff can use the unlimited connection.
    Also, My current bandwidth settings are
    WAN          UPSTREAM          DOWNSTREAM
    1                384                       8000
    2                384                       10000
    And Under: System Management > Bandwidth Management you can also prioritize those ports.
    This may help you in some way, So maybe you can help me..
    Your post has made me not want to upgrade the firmware.. Can you please confirm that this functionality exists still?
    Thanks

  • Cookie based Load Balancing

    If 3 real servers in a non-load balancing environment are setting session cookies with different cookie names e.g.
    server1 response
    set-Cookie: SESSIDSAAAAAA=DMNNNELCECNCKDIIDCPOIMGG
    Server2 response
    set-Cookie: SESSIDSBBBBBB=DAAMMNELCECNCKPYTWPOIPOP
    Server3 response
    set-Cookie: SESSIDSCCCCCC=POHYTUOIPOPPLKJHTERIQOKJ
    then how can CSM be configured with cookie based stickiness.
    I tried cookie insert on CSM with NULL value Assigned to "COOKIE_INSERT_EXPIRATION_DATE".
    It resulted in two set cookie responses (one from server and one from CSM).
    I am wondering how csm will react ( cookie insert is used) if client request carries two cookie name-value pairs.
    clients are behind megaproxy so cookie based stickiness is needed.
    Thanks

    If you look into an http client request you will see that many times there is more than 1 cookie.
    The most important thing is to make sure the CSM inserts a cookie with a different name.
    Create your own name.
    The client will receive both the csm cookie and the server cookie and will send both when opening a new connection.
    The CSM is able to locate its own cookie in the list and do the stickiness.
    Gilles.

  • IP source based Load balancing?

    Hi all;
    We encounter the following issue:
    A load balancer directs requests in a round robin mechanism to several servers. We want the load balancer to direct requests based on the source IP addresses, so that the same host would be directed to the same server each time it requests to be connected (reconnection). Is this possible when using CSM module knowing that NAT is implemented?
    Regards

    Yes this is possible doing
    vserver VAPP
    virtual 10.1.1.11 tcp 2514
    serverfarm SAPP
    sticky 90 group 8
    idle 5400
    persistent rebalance
    inservice
    sticky 8 netmask 255.255.255.255 address source timeout 90
    This should make the session sticky

  • Port channel Load balancing in Storage VDC

    Hi, I am not able to find how to check PO load balancing for storage VDC, although I know by default for FCoE traffic on storage vdc it is OXID but whether it is src-dst l4port or src-dst ipl4port.

    Hi,
    From "Nexus 5500 to Nexus 7000 Multi-Hop FCoE Configuration Example" , 
    Note: On Nexus 7000, by default the source-destination-oxid load balancing mechanism is used for FCoE traffic.
    So let's see what is the default load balancing mechanism in Nexus 7000,
    From "Nexus 7000 interface configuration guide" ,
    The default load-balancing mode for Layer 3 interfaces is the source and destination IP address, and the default load-balancing mode for non-IP interfaces is the source and destination MAC address.
    Which means src-dst ip.
    So what I think is you need to have src-dst ip in default VDC for OXID load balancing in Nexus 7000.
