not sure you are allowed to shamelessly plug your own tools, but if you are 
happy with ipf's round-robin, I would like to give special attention to my 
"l4ip" tool http://www.lundman.net/unix/l4ip.php which does the health check, 
and adding/removing of ipf RDR rules dynamically.

I want to do a cgi wrap around it for simply GUI/remote administration, but I 
have yet to find someone to aid with that. :)

Lund



Joel CARNAT wrote:
> On the last episode (Wed, 30 Mar 2005 19:27:11 +0200), Manuel Bouyer <bouyer@antioche.eu.org> said:
> 
> 
>>On Tue, Mar 29, 2005 at 11:30:17PM +0200, Joel CARNAT wrote:
>>
>>>Hi,
>>>
>>>I can't find any carp reference on my NetBSD boxes (manpage & google).
>>>so :
>>>1. do we have any carp implementation ready (expect net/ucarp) ?
>>>2. what other choice do we have to get failover and/or load-balancing (for firewalling, HTTP, SMTP services and such) ?
>>
>>ipf can do load-balencing with rdr or bimap rules (I don't remember). Maybe
>>fail-over too. But I've never tried it.
> 
> 
>  yeah, I've seen the rdr/round-robin feature in pf too (sorry, I use pf on NetBSD too ;)
>  a question I had about that (posted on misc@openbsd.org and still not answered) is, what happens when some of the servers are down - does ipf/pf still rdr paquets to them.
> I can see the same example in ipnat.conf (than in pf's doc) :
> rdr le0 203.1.2.3/32 port 80 ->  203.1.2.3,203.1.2.4 port 80 tcp round-robin
> What happens here when 203.1.2.3 goes down ?
> Does 50% of the queries goes "host down" or is ipnat/pf smart enough to test if the host is UP before redirecting the network flow ?
> 

-- 
Jorgen Lundman       | <lundman@lundman.net>
Unix Administrator   | +81 (0)3 -5456-2687 ext 1017 (work)
Shibuya-ku, Tokyo    | +81 (0)90-5578-8500          (cell)
Japan                | +81 (0)3 -3375-1767          (home)