Press "Enter" to skip to content

Direct Server Return Example (Single Legged)

This “Direct Server Return” example should give you a starting point for your own test setup. You should change the example network “172.16.1.0/24” to match your own network setup (and the server address too).

The Network before

Consider this to be the initial network configuration before inserting the BalanceNG node (the network 172.16.1.0/24 should represent a public allocated address space):

Network configuration without BalanceNG
Network configuration without BalanceNG

Things to verify

  • You should be able to ping the default gateway 172.16.1.254 from the Web Server.
  • Clients from the Internet are able to initiate TCP connection to port 80 on the Web Server 172.16.1.10.

Load balancing to two Targets in DSR-Mode (Direct Server Return)

The key idea for BalanceNG in DSR mode is to configure the IP address of the Virtual Server (172.16.1.10 in this example) as an alias on the Loopback interface on the Targets.

This makes the Targets addressable on Layer 2 leaving the Virtual Server Address unchanged. The machine must not answer any ARP requests for the virtual server address.

Network configuration BalanceNG single legged balancing to two targets
Network configuration BalanceNG single legged balancing to two targets

Establishing the Loopback Aliases

Use the following commands to establish the Loopback-alias on the Targets:

Linux: 
 ifconfig lo:0 <IP-address> netmask 255.255.255.255 -arp up
Solaris: 
 ifconfig lo0:1 plumb
 ifconfig lo0:1 <IP-address> netmask 255.255.255.255 up

In our example this would be the following command line (assuming a Linux operating system) executed on both Target 1 and Target 2:

# ifconfig lo:0 172.16.1.10 netmask 255.255.255.255 -arp up

Additionally it is necessary to disable invalid ARP replies (Linux 2.6 kernel, take a look at the FAQ):

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

The Packet flow in this setup is as follows:

Packet Flow in a DSR (Direct Server Return) setup
Packet Flow in a DSR (Direct Server Return) setup

The BalanceNG config file

This is the BalanceNG configuration for this DSR example. The BalanceNG box is connected to the switch with one interface (eth0) only. The “real” address in the network section is being used as source address for ARP resolving and health checks.

// configuration taken Fri Apr 26 14:20:11 2013
// BalanceNG 3.446 (created 2013/04/26)
modules vrrp,arp,ping,hc,master,slb,tnat,nat,rt
interface 1 {
 name eth0
 access raw
} 
register interface 1
enable interface 1
network 1 {
 name "local network"
 addr 172.16.1.0
 mask 255.255.255.0
 real 172.16.1.252
 virt 172.16.1.253
 interface 1
} 
register network 1
enable network 1
server 1 {
 ipaddr 172.16.1.10
 port 80
 protocol tcp
 targets 1,2
} 
register server 1
enable server 1
target 1 {
 ipaddr 172.16.1.100
 port 80
 protocol tcp
 tcpopen 80,3,10
 dsr enable
} 
target 2 {
 ipaddr 172.16.1.101
 port 80
 protocol tcp
 tcpopen 80,3,10
 dsr enable
} 
register targets 1,2
enable targets 1,2
// end of configuration

Things to verify

  • You should be able to ping the default gateway 172.16.1.254 from the targets (as before).
  • You should be able to ping the virtual web server 172.16.1.10 from the router.
  • Clients from the Internet are able to initiate TCP connection to port 80 on the virtual Web Server 172.16.1.10 (now being represented by BalanceNG).
  • “show servers” and “show targets” in BalanceNG interactive mode should show everything up and operating.