redirecting connections based on probability
Max Laier
max at love2party.net
Fri Feb 29 16:41:11 UTC 2008
Am Fr, 29.02.2008, 16:35, schrieb Bartosz Giza:
> Hi,
>
> I have to do such a thing like redirecting connections to port 80 based on
> probability. For example i need to redirect 10% requests to my web server
> and
> other 90% of requests should go to the original location.
>
> I know that pf has probability feature but there is no probability option
> for
> rdr rules. I have tryied couple of methods that could work but they didn't
> :(
>
> The problem is that rdr rules works on incoming packets so i can't use
> them
> dirrectly because i don't want to redirect all packets to different
> location.
>
> Could somebody tell me is such a thing possible in pf ? If yes please
> point me
> how is that possible.
Say you want to share 1/3 -> IP_A and 2/3 -> IP_B (for the sake of brevity):
rdr on $ext_if proto tcp from any to any port 80 \
-> { $IP_B, $IP_A, $IP_B } round-robin
This also works with random pool selection. src-hash and bitmask are
obviously another story. sticky-address might also skew the results, but
could be a good idea nontheless.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
More information about the freebsd-net
mailing list