Viability of nginx instead of hardware load balancer?
gabe at vtunnel.com
Thu Sep 24 21:32:02 MSD 2009
Another problem with the floating ip is locking arp. The routers on my
host lock the arp for a given ip to whichever mac address it first
hears claiming to have that ip, so I can't switch ips on the same
segment between machines without talking to them first (or presumably
letting the arp entry expire).
On Thu, Sep 24, 2009 at 6:04 PM, Payam Chychi <pchychi at gmail.com> wrote:
> On Thu, Sep 24, 2009 at 8:46 AM, Gabriel Ramuglia <gabe at vtunnel.com> wrote:
>> My experiences with spread were less than stellar, but instead of
>> going into that, I'll just give a piece of advice. Spread first tries
>> to communicate using multicast, and then falls back to broadcasting.
>> At my hosting provider, since their equipment didn't support
>> multicast, this meant that, even though communications were only going
>> between two computers and did not need to be broadcast to everyone,
>> all communications were being broadcast to everyone on the subnet. It
>> didn't take long before my hosting provider null routed my server. You
>> can override this behaviour by telling spread to communicate using
>> unicast, but this only works if there is only one destination for each
>> source piece of information.
>> Just something to keep in mind.
>> On Thu, Sep 24, 2009 at 4:04 PM, Barry Abrahamson <barry at automattic.com> wrote:
>>> On Sep 17, 2009, at 5:49 AM, John Moore wrote:
>>>> It certainly does, thanks! Could I trouble you to explain a little more
>>>> about your use of Wackamole and Spread? I've not used either of them before.
>>> There is a How-to here:
>>> You are just using nginx instead of HAProxy, but the Wackamole and Spread
>>> portion still applies.
>>> Scalable Internet Architectures (
>>> http://www.amazon.com/Scalable-Internet-Architectures-Theo-Schlossnagle/dp/067232699X )
>>> also has a section on how this works.
>>>> Also, is there any reason why a hosting company would have problems with
>>>> such a setup (i.e., this won't be running in our hardware on our premises,
>>>> but we have full control of Linux servers).
>>> Yes, you have to be a little careful here and ask questions up front. A lot
>>> of hosting companies segment their switches such that each port is its own
>>> VLAN which means you can't "float" IPs between ports which is what you need
>>> for this to work. If you tell your hosting company what you are trying to
>>> do and tell them that you need to be able to have IPs which are
>>> programmatically moved between switch ports they should be able to tell you
>>> if this is possible or not. Some hosts may require you have some sort of
>>> "private rack" or other upgrade to make this possible.
>>> Barry Abrahamson | Systems Wrangler | Automattic
>>> Blog: http://barry.wordpress.com
> Why not just ask for your own private vlan? A private vlan will not
> only create a boundary around your unicast/broadcast traffic but it
> will also allow you to have your own ip unshared ip space (as opposed
> to shared vlan/shared ip space). Also, private vlan will give you the
> framework for moving your ip space anywhere you want inside the
> In regards to floating ip, just have them provision you on a layer2
> segment, that will allow you to have multiple ports on their network,
> in the same private vlan, in different locations.
> Payam Tarverdyan Chychi
> Network Security Specialist / Network Engineer