I am writing a network load balancer, and a question arose about the operation of the network as a whole.

There are two switches, a balancer server, clients and servers (assuming all servers are identical).

This is connected as follows: the clients are connected to the first switch, the balancing server is connected to both the first and the second switch (two network cards), the servers are connected to the second switch.

Having the server load data, the balancing server changes the destination address of the packet from the client, recalculates the checksum, and sends it to the interface that looks towards the servers (second switch).

Initially, I wanted to handle all the traffic going to / through the balancing server, but after the tests I realized that there would not be enough server capacity for such work.

Questions:

  1. Is it possible: the client (for example, a normal TCP client) accesses the balancing server, I change the destination address to a free server, and then the client, having received a response from the server, communicates with the server directly? (I'm not sure that this will work.)
  2. How else can I get a client to communicate directly with the server I need?
  • I am afraid only by means of high-level protocols, for example, by issuing an HTTP redirect. Or, even before any requests, solve the balancing with several IPs for one DNS record; then DNS will do everything itself, since it gives out addresses in random order. Well, or by hardware means of the switch. And with your own balancer for arbitrary protocols, only by processing the entire stream. - Mike
  • The question may not be entirely on topic, but still: why not HAProxy? - don Rumata
  • @donRumata Need to develop my own software - Vladimir
  • The question is: what exactly do you not have enough capacity to process? Do you pass each packet to your balancer application, where (perhaps even in userspace) you modify the packet? Or does the application receive only unknown packets, then put the connection into conntrack, with further packets processed by the kernel in kernel mode? Question two: is there more traffic to or from the server? For outgoing traffic, the src can be changed right on the servers and the traffic routed through some separate, dumber router; then the balancer has to process only incoming packets. - Fine
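
The rewrite step the question describes (change the destination address, then fix the checksum), as an added example that is not the asker's code: it patches the checksums incrementally per RFC 1624 instead of re-summing the packet, and applies the same adjustment to the TCP checksum, whose pseudo-header also covers the destination address. The function names, the header bytes and the backend address 192.168.0.200 are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

static uint16_t fold(uint32_t sum) {
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)sum;
}

/* RFC 1071 checksum over an even-length buffer (enough for an IPv4 header). */
uint16_t csum_full(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += rd16(p + i);
    return (uint16_t)~fold(sum);
}

/* RFC 1624 eqn. 3, HC' = ~(~HC + ~m + m'), applied to both halves of an address. */
void csum_patch_addr(uint8_t *field, const uint8_t *old_ip, const uint8_t *new_ip) {
    uint32_t sum = (uint16_t)~rd16(field);
    for (int i = 0; i < 4; i += 2)
        sum += (uint32_t)(uint16_t)~rd16(old_ip + i) + rd16(new_ip + i);
    wr16(field, (uint16_t)~fold(sum));
}

/* Rewrite the IPv4 destination (offset 16) and patch the header checksum (offset 10).
 * tcp_csum, if not NULL, points at the TCP checksum field: it covers a pseudo-header
 * containing the destination address, so it needs the same adjustment. */
uint16_t dnat_rewrite(uint8_t *ip, uint8_t *tcp_csum, const uint8_t new_dst[4]) {
    csum_patch_addr(ip + 10, ip + 16, new_dst);
    if (tcp_csum) csum_patch_addr(tcp_csum, ip + 16, new_dst);
    memcpy(ip + 16, new_dst, 4);
    return rd16(ip + 10);
}

int main(void) {
    /* Constructed sample: 20-byte IPv4/TCP header, 192.168.0.1 -> 192.168.0.199. */
    uint8_t hdr[20] = {0x45,0x00,0x00,0x73,0x00,0x00,0x40,0x00,0x40,0x06,
                       0xb8,0x6c,0xc0,0xa8,0x00,0x01,0xc0,0xa8,0x00,0xc7};
    const uint8_t backend[4] = {192, 168, 0, 200};   /* hypothetical backend */
    uint16_t c = dnat_rewrite(hdr, NULL, backend);
    printf("new checksum 0x%04x, header verifies: %s\n", c,
           csum_full(hdr, 20) == 0 ? "yes" : "no");
    return 0;
}
```

A receiver drops a packet whose rewritten header does not sum to zero, so checking `csum_full(hdr, 20) == 0` after the rewrite is a cheap self-test for the balancer's fast path.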


For example, you can send an ICMP redirect packet with code 1 (redirect for host) to the client.