Dave Cottlehuber
2019-Jan-14 18:44 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
On Mon, 14 Jan 2019, at 17:15, Pete French wrote:> So, until the middle of this afternoon I was, doing my load > balancing using> relayd from ports and PF. My own fault for not checking, but I > upgraded> one of the firewall pair to 12 and then discovered that the > relayd port is> no > Am now puzzling over solutions to this - I dont really want to stay on> 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of> an uncomfortable idea as we gain a lot from having one OS > everywhere that> people know, so does anyone have any suggestions ? > > PF round robin is not good enough for this as I have some dynamic > problems> which indicate when a node is up or down. Relayd will check > these, but the> basic PF wil not as far as I know. > > What do other people do ?haproxy does proper failover and allows custom health checks either via URL or real world traffic of external scripts. Traefik has lots of container oriented features. Dave
Mark Blackman
2019-Jan-15 10:24 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
> On 14 Jan 2019, at 18:44, Dave Cottlehuber <dch at skunkwerks.at> wrote: > > > > >> On Mon, 14 Jan 2019, at 17:15, Pete French wrote: >> So, until the middle of this afternoon I was, doing my load >> balancing using> relayd from ports and PF. My own fault for not checking, but I >> upgraded> one of the firewall pair to 12 and then discovered that the >> relayd port is> no >> Am now puzzling over solutions to this - I dont really want to stay on> 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of> an uncomfortable idea as we gain a lot from having one OS >> everywhere that> people know, so does anyone have any suggestions ? >> >> PF round robin is not good enough for this as I have some dynamic >> problems> which indicate when a node is up or down. Relayd will check >> these, but the> basic PF wil not as far as I know. >> >> What do other people do ? > > haproxy does proper failover and allows custom health checks either via > URL or real world traffic of external scripts. Traefik has lots of > container oriented features. > DaveThere?s also the very venerable (hence reliable) HTTP proxy/load balancer, Apache Traffic Manager, https://trafficserver.apache.org - Mark