Pete French
2019-Jan-14 16:15 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
So, until the middle of this afternoon I was, doing my load balancing using relayd from ports and PF. My own fault for not checking, but I upgraded one of the firewall pair to 12 and then discovered that the relayd port is no longer available. Am now puzzling over solutions to this - I dont really want to stay on 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of an uncomfortable idea as we gain a lot from having one OS everywhere that people know, so does anyone have any suggestions ? PF round robin is not good enough for this as I have some dynamic problems which indicate when a node is up or down. Relayd will check these, but the basic PF wil not as far as I know. What do other people do ? cheers -pete.
Mark Blackman
2019-Jan-14 16:23 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
> On 14 Jan 2019, at 16:15, Pete French <petefrench at ingresso.co.uk> wrote: > > So, until the middle of this afternoon I was, doing my load balancing using > relayd from ports and PF. My own fault for not checking, but I upgraded > one of the firewall pair to 12 and then discovered that the relayd port is > no longer available. > > Am now puzzling over solutions to this - I dont really want to stay on > 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of > an uncomfortable idea as we gain a lot from having one OS everywhere that > people know, so does anyone have any suggestions ? > > PF round robin is not good enough for this as I have some dynamic problems > which indicate when a node is up or down. Relayd will check these, but the > basic PF wil not as far as I know. > > What do other people do ?Use HAproxy for basic load balancing and Traefik for more sophisticated usage. Not sure how you get seamless failover with either though. That was the nice thing about relayd/PF - Mark
Dave Cottlehuber
2019-Jan-14 18:44 UTC
Any suggestions for a layer 3 load ablancer for 12, as relayd doesnt work anymore
On Mon, 14 Jan 2019, at 17:15, Pete French wrote:> So, until the middle of this afternoon I was, doing my load > balancing using> relayd from ports and PF. My own fault for not checking, but I > upgraded> one of the firewall pair to 12 and then discovered that the > relayd port is> no > Am now puzzling over solutions to this - I dont really want to stay on> 11 forevere. Moving to OpenBSD to get their PF and relayd is a bit of> an uncomfortable idea as we gain a lot from having one OS > everywhere that> people know, so does anyone have any suggestions ? > > PF round robin is not good enough for this as I have some dynamic > problems> which indicate when a node is up or down. Relayd will check > these, but the> basic PF wil not as far as I know. > > What do other people do ?haproxy does proper failover and allows custom health checks either via URL or real world traffic of external scripts. Traefik has lots of container oriented features. Dave