LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Round robin load balancing to three proxies listening on ports 1001, 1002, 1003 (https://www.linuxquestions.org/questions/linux-networking-3/round-robin-load-balancing-to-three-proxies-listening-on-ports-1001-1002-1003-a-4175658981/)

Ulysses_ 08-11-2019 03:29 PM

Round robin load balancing to three proxies listening on ports 1001, 1002, 1003
 
Got three HTTP/S proxies listening on ports 1001, 1002 and 1003 on 192.168.0.1. On another system on the same network, firefox is set to use the 192.168.0.1:1001 proxy. Is it possible with iptables or otherwise in the server system, to use all proxies in a round robin fashion?

Inspired from this nice article but we want to round robin connections, not to send packets in a round robin fashion. As in, the first connection gets the HTML code of a web page using the 1001 proxy, the next connection gets an image using the 1002 proxy and so on.

Ulysses_ 08-11-2019 03:47 PM

Or does the article round robin connections? And therefore the following is what is needed?

iptables -A PREROUTING -t nat -p tcp -d 192.168.0.1 --dport 1001 \
-m statistic --mode nth --every 3 --packet 0 \
-j DNAT --to-destination 192.168.0.1:1001

iptables -A PREROUTING -t nat -p tcp -d 192.168.0.1 --dport 1001 \
-m statistic --mode nth --every 2 --packet 0 \
-j DNAT --to-destination 192.168.0.1:1002

iptables -A PREROUTING -t nat -p tcp -d 192.168.0.1 --dport 1001 \
-j DNAT --to-destination 192.168.0.1:1003

Ulysses_ 08-11-2019 04:10 PM

Or is "ip route" the way to do it (after adding virtual nic's eth1, eth2 and eth3 on both systems and respective virtual cables and static IP's), ie doing this on the client:

ip route add default scope global \
nexthop via 192.168.1.1 dev eth1 weight 1 \
nexthop via 192.168.2.1 dev eth2 weight 1 \
nexthop via 192.168.3.1 dev eth3 weight 1

and on the server:

iptables -A PREROUTING -t nat -p tcp -i eth1 --dport 1001 \
-j DNAT --to-destination 192.168.0.1:1001

iptables -A PREROUTING -t nat -p tcp -i eth2 --dport 1001 \
-j DNAT --to-destination 192.168.0.1:1002

iptables -A PREROUTING -t nat -p tcp -i eth3 --dport 1001 \
-j DNAT --to-destination 192.168.0.1:1003

Can this be simplified somehow?


All times are GMT -5. The time now is 08:10 AM.