networking – load balancing with IPTabels does not work

I have an Ubuntu server (19.04 / 5.0.0-15-generic) with three interfaces.

eth0: LAN (192.168.10.253/24)
eth1: WAN1 (172.29.13.201/24, gateway .253)
eth2: WAN2 (172.29.14.201/24, gateway .253)  

When I run the following script in Debian (9.9 / 5.0.0-15-generic), the load balancer works. I get a 20/20 + 20/20 = 40/40 connection.

However, when I am this same script to Ubuntu. The load balancing works, the traffic is taken between eth1 and eth2. But the return traffic never reaches the client, I see the return traffic in eth1 and eth2, but not in eth0.

I use the following script to define iptables and ip-routes.

#! / bin / bash

echo 1> | / proc / sys / net / ipv4 / ip_forward
echo 0> | / proc / sys / net / ipv4 / conf / all / rp_filter

# erases all iptables entries
iptables -t filter -F
iptables -t filter -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X
iptables -t filter -P INPUT ACCEPT
iptables -t filter -P ACCEPTED EXIT
iptables -t filter -P FORWARD ACCEPT

# initialize the strings that will do the job and save the packets
iptables -t mangle -N CONNMARK1
iptables -t mangle -A CONNMARK1 -j MARK -set-mark 1
iptables -t mangle -A CONNMARK1 -j CONNMARK -save-mark
iptables -t mangle -A CONNMARK1 -j LOG - prefix-log iptables-mark1: & # 39; - Newspaper level information

iptables -t mangle -N CONNMARK2
iptables -t mangle -A CONNMARK2 -j MARK -set-mark 2
iptables -t mangle -A CONNMARK2 -j CONNMARK -save-mark
iptables -t mangle -A CONNMARK2 -j LOG - prefix-log iptables-mark2: & # 39; - Newspaper level information

iptables -t mangle -N RESTOREMARK
iptables -t mangle -A RESTOREMARK -j CONNMARK - restore-mark
iptables -t mangle -A RESTOREMARK -j LOG - prefix -log & # 39; restore-mark: & # 39; --logging information

iptables -t nat -N SNAT1
iptables -t nat -A SNAT1 -j LOG -prefix-log-snat-to-172.29.13.201: & # 39; - info at logging level
iptables -t nat -A SNAT1 -j SNAT -to-source 172.29.13.201

iptables -t nat -N SNAT2
iptables -t nat -A SNAT2 -j LOG - prefix-log-snat-to-172.29.14.201: & # 39; - Newspaper level information
iptables -t nat -A SNAT2 -j SNAT -to-source 172.29.14.201

# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE


# restore fwmark on packets belonging to an existing connection
iptables -t mangle -A PREROUTING -i eth0 
-m state --state ESTABLISHED, CONNECTED -j RESTOREMARK


# if the mark is zero, it means that the package does not belong to an existing connection
iptables -t mangle -A PREROUTING -m state - state NEW 
-m statistic --mode nth --every 2 - package 0 -j CONNMARK1
iptables -t mangle -A PREROUTING -m state - state NEW 
stat -mode nth --every 2 - packet 1 -j CONNMARK2


iptables -t nat -A POSTROUTING -o eth1 -j SNAT1
iptables -t nat -A POSTROUTING -o eth2 -j SNAT2

if ! cat / etc / iproute2 / rt_tables | grep -q '^ 51 & # 39;
then
echo # 51; rt_link1 >> / etc / iproute2 / rt_tables
Fi

if ! cat / etc / iproute2 / rt_tables | grep -q & # 39; ^ 52 & # 39;
then
echo & # 39; 52 rt_link2 & # 39; >> / etc / iproute2 / rt_tables
Fi

route dump table ip rt_link1 2> / dev / null
add route ip 172.29.13.0/24 dev eth1 src 172.29.13.201 table rt_link1
ip route add default via 172.29.13.253 table rt_link1
route dump table ip rt_link2 2> / dev / null
add route ip 172.29.14.0/24 dev eth2 src 172.29.14.201 table rt_link2
ip route add default via 172.29.14.253 table rt_link2

ip rule del of all brands fwmark 0x1 rt_link1 2> / dev / null
ip rule del of all searches fwmark 0x2 rt_link2 2> / dev / null
ip rule del of all trademarks 0x2 2> / dev / null
ip rule del of any brand 0x1 2> / dev / null

rule ip add fwmark 1 table rt_link1
rule ip add fwmark 2 table rt_link2


ip route dump cache

Claimant losses and balancing between two

Claimant losses and balancing between two | Talk Web Hosting

& # 39;);
var sidebar_align = & # 39; right & # 39 ;;
var content_container_margin = parseInt (& # 39; 350px & # 39;);
var sidebar_width = parseInt (& # 39; 330px & # 39;)
// ->

  1. Claimant losses and balancing between two

    There are 2 suppliers. It is configured so that when a bgp session or the port of one of the providers falls, the automatic switch occurs to another provider. In this case, the customer does not notice the fall.
    But recently, it was on a provider that there were heavy losses and that the session did not fail. As a result, the customer saw problems. Who solves such situations?


  2. You might want to consider smart routing, such as noction, this should help you.

    Sales support – sales @ purevoltage.com / 1-855-787-8658
    PureVoltage.com Premium Roommates, Dedicated Hosting and VPS, with Remote Hands NY
    Business equipment with 6 global locations – Seattle | Dallas | Chicago | Los Angeles | New York | Amsterdam


Similar wires

  1. answers: 7

    Last post: 3/25/2014, 11:08

  2. answers: 8

    Last post: 5/20/2013, 9:24

  3. answers: 2

    Last post: 04-10-2013, 10:57

  4. answers: 12

    Last post: 11-12-2009, 2:40

  5. answers: 3

    Last post: 27-11-2003, 10:41 p.m.

Authorizations to publish

  • You Maybe not post new discussions
  • You Maybe not post answers
  • You Maybe not post attachments
  • You Maybe not edit your posts




design – How to compose load balancing and circuit break for an external data source

I therefore have this problem. My website uses data, extracted from another site, the sports results. These data can be updated at relatively random intervals, but it does not matter if my data is a little out of date – they do not have to be instantaneous, but they should be updated regularly.

At the same time, I can not just cache the responses from the external site -> I process them and import them into a database of graphs to be able to perform other analyzes on them.

I would like to have a system like this:

IDataSource interface {
public function getData (): array;
}

The ExternalDataSource class implements IDataSource {
// gets data from the external website - the ultimate source of truth
}

The InternalDataSource class implements IDataSource {
// get data from my own graphical database
}

The InternalImportDecorator class implements IDataSource {
private $ external;
public service __contruct (ExternalDataSource $ external) {
$ this-> external = $ external
}

public function getData (): array
{
$ data = $ this-external-> getData ();
// import the data into my internal database
returns $ data;
}
}

The CompositeDataSource class implements IDataSource
{
public function __construct (ExternalDataSource $ external, InternalDataSource $ internal)
{
$ this-> external = new InternalImportDecorator ($ external);
$ this-> internal = $ internal;
}

public function getData (): array // HERE I Need Need
{
if (rand (0, 100)> 95) {// in 95% of cases, opt for an internal database for data - much like the weighted load balancer
// here, I need something like "chain of responsibility" in case the internal DB is not yet filled
} else {// go to the external data source, so that I can update my internal data
// what happens if the external data source is not available? I need a circuit breaker with internal foldback
// and if I fall back internally and the internal database has not been completed yet
}
}

}

I have a general idea of ​​the code and the composition, I just need help to implement a method. Or maybe just a nomenclature, how is this situation properly called, so I can search for it myself on Google.

Balancing the Load – How to Design a Highly Available and Fault-tolerant File Storage Depot in Linux Box

I am trying to create a highly available and fault-tolerant file repository location on the Linux server. Please find the current system design below:

enter the description of the image here

We have 2 Linux servers in a secure zone in which several clients of the unsecured area will fall files in batch mode using xcom utility. Each client has different times to send files depending on the case of the company's use. Now all clients have been configured to drop the file into server1. But this design is not appropriate because it does not solve the following problems:

  • If server1 does not work, clients can not send their files to the secure zone unless the updated configurations are sent manually to server2.
  • If server1 crashes, there is no file backup in server2.

I am looking for a solution, such as a load balancer, able to place the files alternately OR to keep server2 in passive mode (automatically accepts when server1 is stopped).

enter the description of the image here

I'm not sure that's the best approach. Please share your views and ideas to achieve it.

Sorting – Self Balancing Binary Search Tree Optimized for Insertion

I have written a "quiz" that invites the user to compare two elements of subjective value. Once the position of all elements is determined, an ordered list is displayed, of the most valuable at least. The number of elements is fixed. The current implementation can be seen at https://dfdx.us/core-values-quiz/.

What matters most is to minimize the number of comparisons the user needs to enter or, more specifically, to minimize the amount of time the user must make each comparison multiplied by the number of comparisons.

Currently, I propose two methods of sorting: Quicksort and insertion into a binary tree. Compared to a self-balancing BST, Quicksort will always require more comparisons, but as each consecutive comparison relates to a single element (the partition element), the brain does not need to change a lot of context and can answer questions faster. . The binary search tree will present fewer issues that take longer. I let the user decide which method he wants to use, given the advantages and disadvantages of each.

Since the comparisons required to rebalance the tree are managed by the computer, and not by the user, these comparisons do not need to be optimized, but only the number of comparisons needed to determine the relative position in the current tree. I believe this optimization is equivalent to, between each element insertion, balance the tree as perfectly as possible. This is to say requiring the strictest balancing stress.

The best algorithm I've tested is the AVL tree. Although the AVL tree is very bad for insertion / deletion times for most applications, it has a decent balancing constraint that provides high search speeds. The rebalancing between each insertion / deletion is what makes it inefficient, but since, compared to the human input, these comparisons are negligible, it is very good for my situation.

My situation requires an additional constraint: the user must never be presented twice the same comparison. For the AVL tree, rebalance breaks this constraint. So I just memorize all the answers of the user in a dictionary. I can not imagine a situation in which this case could not be treated with this memoziation, but I thought I would mention it nevertheless.

I really have two questions:

  1. Am I right in saying that balancing the tree as perfectly as possible guarantees the lowest number of prompts to the user?

  2. Is there a better balancing algorithm than an AVL tree?

Since before the start of the quiz, the order of the elements is random, even if you use a non-self-balanced BST value, you will get a more or less balanced tree. I could see an argument going on that Perfectly rebalancing after each insertion might actually produce a greater number of prompts, as each will have as many prompts as possible from lg (n); a slightly less balanced tree could potentially have some "lucky" insertions that require a little less than lg (n), and some "unlucky" inserts that require more, but that the lucky ones will carry it on average over unlucky ones. (I hope this makes sense.)

load balancing – Allow Websocket connections on Google Cloud Platform

We have a GCE project, with several servers behind a loadbalancer. The servers run a NodeJS HTTPS server. We have recently tried to implement Websocket support, but we are unable to connect behind the loadbalancer. As soon as the upgrade header is sent to the server to initiate the websocket, it closes the connection with a 400 error.

In the Loadbalancer logs, we see the following:

        @type: "type.googleapis.com/google.cloud.loadbalancing.type.LoadBalancerLogEntry"
statusDetails: "upgrade_header_rejected"   

The connection does not seem to go through our main servers. Does any one know how to solve this?

How to configure load balancing / failover for a Joomla site?

Hello,
I currently manage a Joomla website for a client who owns his own server. She is very opposed to any downtime and wants to configure a failover configuration by using a separate hosting account on a different server somewhere in the country. The main site has a size of about 1g and users log in to perform tasks throughout the day.

I am not comfortable with this task on my own and I need some suggestions to know who to talk to to set up such a thing. If it was …

How to configure load balancing / failover for a Joomla site?

virtualhost – Timeout when balancing the load of a hosted website as a virtual host

I have a Haproxy on a Linux server.
The load is balanced on three other servers, two Windows servers and a Linux server run by Plesk.

The main difference between the content of the three servers lies in the fact that the content of the website is hosted directly on a port on the Windows servers, while on the Linux server, because other websites are hosted on this one and that Plesk manages it. "version" hosted as a virtual host, as you would normally to add a domain, for example on Plesk.

The problem is that there are waiting times and 404 errors for CSS files when the Linux server is enabled, while the other servers are doing their job very well. I can not identify the problem, I have tried to set the "Host" header as a domain to make sure it is not a problem related to the problem. header of the host that is not sent (so the virtual host mechanism will not work).

An idea of ​​what the problem could be? I can not really host the domain on another port, because I'm afraid I'll have to deal with a lot of complexities because of Plesk's configurations.

vpn – Does the Load Balancing of Multiple WAN Connections Improve Anonymity?

I would like to understand the pros and cons of balancing outgoing connections for anonymity.

Scenario 1: My Router (ip A)> VPN Router (ip B)> VPN Router (ip C)> Web Host

Scenario 2: My Router (ip A)> 3 Load Balanced VPN Client Connections (ips B C D)> 3 Separate Connections Leaving VPN Routers (ips E F G)> Web Host

Continuing my sorry curiosity,
What happens if senario 2 to corresponds to 3 connections to the same VPN server but the VPN IP addresses or source to the web host are obviously different.

A problem that I identified is that of senario 2: you have a bigger fingerprint / connection pattern, which is a problem. Visit obscure sites compared to popular sites.

This is assuming the user accepts latency and authentication issues or SSL, etc.

5th dnd – Balancing a cursed invisibility ring

I plan to launch a campaign and I had the idea of ​​a cursed invisibility ring. Here are the technical details (without lint).

Wearing this ring provides the user with the benefits of invisibility fate, but it also disadvantages the stealth controls against the enemies who can hear.

How is it balanced? If it's unbalanced, what changes should I make to offset it?

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123
Proxy Sites Proxy Tunnels Proxy List Working Proxy Sites Hotproxysite Proxy Sites Proxy Sites Anonymous Proxy Anonymous Proxies Top-Proxies.co.uk http://www.proxysitesnow.com Proxy Servers Free Proxies Free Proxy List Proxy List Zoxy Proxy List PR liste all proxy sites More Proxies netgofree netgofree Hide-MyIp - The Best Proxy List American Proxy List www.proxylisty.com/proxylist Web Proxy Submit Proxies Updated Proxy List Updated Proxy List aproxy.org Bypass Proxy Sites Free Proxies List Evolving Critic Business Web Directory Free Proxy List iShortIt MyProxyList Online Proxies Go Proxies Need Proxies PrivateProxies Proxies4MySchool Proxies4Work Free Proxy List Free Proxy Sites ProxyInside Wiksa Proxy ProxyLister.org Free Proxy List ProxyNoid Proxy List Free Proxy List Proxy Sites Proxy TopList ProxyVille UK Proxy WebProxy List RatedProxy.com - Listing the best Web Proxies Free Proxy List SchoolProxiesList Stay Anonymous Proxy List The Power Of Ninja Proxy List UNubstruct Free proxy sites Free proxy sites