www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

How to use iptables with net balancer ?

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking
View previous topic :: View next topic  
Author Message
foudroyeur



Joined: 24 Feb 2011
Posts: 15

PostPosted: Fri Jan 27, 2012 11:22 am    Post subject: How to use iptables with net balancer ? Reply with quote

Hello

I have no idea to use iptables on the net balancer folder

My project :

I have 6 routers (Wan) and up to 100 users (Lan)
To establish prefered routers (ip x.y.z.1,x.y.z.x.7, x.y.z.13... to first router, ip x.y.z.2, x.y.z.8,x.y.z.14 to second router) , assuming that if a router is down, a random router is linked instead by the netbalancer.
The purpose of that is to allow lan client to see a single wan ip adress (some sites need that - banks or forums)
i think the only way is to configure iptables

Shall i configure that on the startup/cron, on the netbalancer folder or on the firewall folder ? and how ?
Back to top
View user's profile Send private message
atheling



Joined: 24 Sep 2009
Posts: 212

PostPosted: Fri Jan 27, 2012 5:33 pm    Post subject: Reply with quote

My solution to this for my much simpler setup (two WAN links and only a few users) was to fix the Net Balancer so it works better.

Patch for b16 is at http://dl.dropbox.com/u/19663978/nb_qos_b16_patch.tar.gz
Patch for b14 is at http://dl.dropbox.com/u/19663978/ZS_nb_qos_b14_b.tar.gz

(No differences between changes needed for b14 and b15, so no b15 patch.)

It does lots of things, like allowing QoS to work with net balancing. But it also makes connections sticky so your banking transaction connections will all go out the same external IP address.

Install by getting to the shell prompt on your Zeroshell box, doing a wget to pull the appropriate patch from the above link. Use tar, etc. to unpackage it. There is a read me file in the package telling you how to do the rest of the install.

Fulvio has indicated that he will include this patch on some future release. But that has been a few beta releases ago and its not there yet.
Back to top
View user's profile Send private message
redfive



Joined: 27 Aug 2009
Posts: 232

PostPosted: Fri Jan 27, 2012 5:59 pm    Post subject: Reply with quote

just to confirm , a guy on italian forum had the same problem (on b16) , seems now solved with Atheling's patch . Great job , thanks Atheling !! And obviously , many thanks to Fulvio !!
cheers
jonatha
Back to top
View user's profile Send private message
foudroyeur



Joined: 24 Feb 2011
Posts: 15

PostPosted: Tue Jan 31, 2012 1:29 pm    Post subject: Wonderfull Reply with quote

Thank you very much
I'll try it on a few hours

Thank you again
Back to top
View user's profile Send private message
foudroyeur



Joined: 24 Feb 2011
Posts: 15

PostPosted: Tue Jan 31, 2012 4:12 pm    Post subject: Connexion sticky Reply with quote

Hello

I'm very interrested by the connexion sticky (To allow one router to one client).

I installed the patch but nothing is visible when running. Shall we configure something ? Or it's running in silent mode ?

Thank you very much ^^
Back to top
View user's profile Send private message
foudroyeur



Joined: 24 Feb 2011
Posts: 15

PostPosted: Tue Jan 31, 2012 4:41 pm    Post subject: Ok i understand Reply with quote

Ok

by reading this threat i understand better

http://www.zeroshell.net/eng/forum/viewtopic.php?t=3076&sid=255459f3b7ee666e3687c3c0cb146934

I have to do a thrue test with the working server

Thank youuuu Smile
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> Networking All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group