I have a 2.6.12 (Ubuntu patchset) kernel, recompiled with these routing options:
[*] IP: advanced router
[*] IP: policy routing
[*] IP: equal cost multipath
Load balancing is working great, but I have problems with long-term TCP flows
(like MSN Messenger or VPNs or any other type of long-term IP-based
connection).
I assume this is because after a period of time, the per-host route cache
expires and packets get re-routed, sometimes unfortunately, through a different
iface. It should be noted that I'm not doing NAT in this box, just routing; the
NAT is done in each of the nexthops listed (so, no Julian's patches applied).
I've found [1] that:
/proc/sys/net/ipv4/route/secret_interval
"instructs the kernel how often to blow away ALL route hash entries regardless
of how new/old they are"
- Will setting secret_interval to 1 day solve my problem? Because I think that
not even a day is enough (I have ssh sessions open for more than that)
- Are there other values I have to take into consideration? (route table
cache/hash size/mem)
- Does someone know a better approach?
Another thing (besides the previous problem) is that if I compile the kernel
with (CONFIG_IP_ROUTE_MULTIPATH_CACHED) enabled:
[*] IP: equal cost multipath with caching support (EXPERIMENTAL)
The multipath stops working and all packets get routed to the last iface in the
nexthop statements. I tried compiling the four multipath modules/algos and
modprobing them, but same result. Because of that I had to go back to equal
cost multipath with CONFIG_IP_ROUTE_MULTIPATH_CACHED disabled.
If someone can give me a hint on this it will be nice too, because something
keeps itching. (Sorry if this is not pure English.)
[1] http://lwn.net/Articles/145406/
Just in case, some command output:
root@server1:/backup/ftp# ip ro ls table adsl
192.168.10.37 via 192.168.90.3 dev eth2
192.168.100.0/24 dev eth1 proto kernel scope link src 192.168.100.1
192.168.50.0/24 dev eth2 proto kernel scope link src 192.168.50.1
192.168.3.0/24 dev eth6 proto kernel scope link src 192.168.3.2
192.168.2.0/24 dev eth5 proto kernel scope link src 192.168.2.2
192.168.1.0/24 dev eth4 proto kernel scope link src 192.168.1.2
192.168.90.0/24 dev eth2 proto kernel scope link src 192.168.90.1
default proto static
nexthop via 192.168.1.1 dev eth4 weight 1
nexthop via 192.168.2.1 dev eth5 weight 1
nexthop via 192.168.3.1 dev eth6 weight 1
root@server1:/backup/ftp# ip ro show cache | egrep 'eth4|eth5|eth6' -B1 | tail -n20
201.216.128.100 from 192.168.90.5 via 192.168.3.1 dev eth6 src 192.168.90.1
--
192.168.90.5 from 201.240.149.1 dev eth2 src 192.168.1.2
cache mtu 1500 advmss 1460 hoplimit 64 iif eth5
--
cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
200.114.138.45 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
--
192.168.90.5 from 200.74.39.52 dev eth2 src 192.168.1.2
cache mtu 1500 advmss 1460 hoplimit 64 iif eth5
71.80.214.141 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
--
cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
24.86.57.13 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
--
192.168.90.5 from 69.66.58.31 dev eth2 src 192.168.1.2
cache mtu 1500 advmss 1460 hoplimit 64 iif eth5
--
192.168.90.5 from 61.228.9.180 dev eth2 src 192.168.1.2
cache mtu 1500 advmss 1460 hoplimit 64 iif eth4
root@server1:/backup/ftp# grep ROUTE /boot/config-2.6.12-luciano.1
CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_MULTIPATH=y
# CONFIG_IP_ROUTE_MULTIPATH_CACHED is not set
CONFIG_IP_ROUTE_VERBOSE=y
CONFIG_IP_MROUTE=y
CONFIG_BRIDGE_EBT_BROUTE=m
# CONFIG_DECNET_ROUTER is not set
CONFIG_WAN_ROUTER=m
CONFIG_NET_CLS_ROUTE4=m
CONFIG_NET_CLS_ROUTE=y
CONFIG_WAN_ROUTER_DRIVERS=y
root@server1:/backup/ftp#
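
One way to check the hypothesis in the message above (that a cached flow gets a different nexthop after the route cache is rebuilt) is to diff two captures of `ip ro show cache` taken some time apart. This is an added example, not part of the original post; the two snapshots are constructed in the format of the output shown above, and the function names are hypothetical.

```python
import re

# Uplink interfaces from the multipath default route shown in the post.
UPLINKS = {"eth4", "eth5", "eth6"}

# First line of a forwarded cache entry: "<dst> from <src> via <gw> dev <if> ..."
ENTRY = re.compile(r"^(\S+) from (\S+) via (\S+) dev (\S+)")


def parse_cache(text):
    """Map (src, dst) -> (gateway, dev) for cached routes leaving via an uplink."""
    flows = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m and m.group(4) in UPLINKS:
            dst, src, gw, dev = m.groups()
            flows[(src, dst)] = (gw, dev)
    return flows


def moved_flows(before, after):
    """Return flows present in both snapshots whose nexthop changed."""
    old, new = parse_cache(before), parse_cache(after)
    return {k: (old[k], new[k]) for k in old.keys() & new.keys() if old[k] != new[k]}


# Constructed snapshots (format copied from the post; the change is invented).
SNAP_T0 = """\
200.114.138.45 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
    cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
24.86.57.13 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
    cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
192.168.90.5 from 61.228.9.180 dev eth2 src 192.168.1.2
    cache mtu 1500 advmss 1460 hoplimit 64 iif eth4
"""
SNAP_T1 = """\
200.114.138.45 from 192.168.90.5 via 192.168.2.1 dev eth5 src 192.168.90.1
    cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
24.86.57.13 from 192.168.90.5 via 192.168.1.1 dev eth4 src 192.168.90.1
    cache <src-direct> mtu 1500 advmss 1460 hoplimit 64 iif eth2
"""

if __name__ == "__main__":
    for (src, dst), (old, new) in sorted(moved_flows(SNAP_T0, SNAP_T1).items()):
        print(f"{src} -> {dst}: {old[0]} ({old[1]}) became {new[0]} ({new[1]})")
```

A flow reported here moved to another uplink between the two captures; with NAT done on each nexthop, as in the setup described, such a move changes the public source address of an established connection.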