Viability of nginx instead of hardware load balancer?

Gabriel Ramuglia gabe at vtunnel.com
Thu Sep 24 21:32:02 MSD 2009


Another problem with the floating ip is locking arp. The routers on my
host lock the arp for a given ip to whichever mac address it first
hears claiming to have that ip, so I can't switch ips on the same
segment between machines without talking to them first (or presumably
letting the arp entry expire)

On Thu, Sep 24, 2009 at 6:04 PM, Payam Chychi <pchychi at gmail.com> wrote:
> On Thu, Sep 24, 2009 at 8:46 AM, Gabriel Ramuglia <gabe at vtunnel.com> wrote:
>> My experiences with spread were less than stellar, but instead of
>> going into that, I'll just give a piece of advice. Spread first tries
>> to communicate using multicast, and then falls back to broadcasting.
>> At my hosting provider, since their equipment didn't support
>> multicast, this meant that, even though communications were only going
>> between two computers and did not need to be broadcast to everyone,
>> all communications were being broadcast to everyone on the subnet. It
>> didn't take long before my hosting provider null routed my server. You
>> can override this behaviour by telling spread to communicate using
>> unicast, but this only works if there is only one destination for each
>> source piece of information.
>>
>> Just something to keep in mind
>> -Gabe
>>
>> On Thu, Sep 24, 2009 at 4:04 PM, Barry Abrahamson <barry at automattic.com> wrote:
>>>
>>> On Sep 17, 2009, at 5:49 AM, John Moore wrote:
>>>
>>>> It certainly does, thanks! Could I trouble you to explain a little more
>>>> about your use of Wackamole and Spread? I've not used either of them before.
>>>
>>> There is a How-to here:
>>>
>>> http://www.howtoforge.com/setting-up-a-high-availability-load-balancer-with-haproxy-wackamole-spread-on-debian-etch-p2
>>>
>>> You are just using nginx instead of HAProxy, but the Wackamole and Spread
>>> portion still applies.
>>>
>>> Scalable Internet Architectures (
>>> http://www.amazon.com/Scalable-Internet-Architectures-Theo-Schlossnagle/dp/067232699X )
>>> also has a section on how this works.
>>>
>>>> Also, is there any reason why a hosting company would have problems with
>>>> such a setup (i.e., this won't be running in our hardware on our premises,
>>>> but we have full control of Linux servers).
>>>
>>> Yes, you have to be a little careful here and ask questions up front.  A lot
>>> of hosting companies segment their switches such that each port is it's own
>>> VLAN which means you can't "float" IPs between ports which is what you need
>>> for this to work.  If you tell your hosting company what you are trying to
>>> do and tell them that you need to be able to have IPs which are
>>> programmatically moved between switch ports they should be able to tell you
>>> if this is possible or not.  Some hosts may require you have some sort of
>>> "private rack" or other upgrade to make this possible.
>>>
>>> Barry
>>>
>>> --
>>> Barry Abrahamson | Systems Wrangler | Automattic
>>> Blog: http://barry.wordpress.com
>>>
>>>
>>>
>>>
>>>
>>
>>
>
> why not just ask for your own private vlan?  a private vlan will not
> only create a boundry around your unciast/broadcast traffic but it
> will also allow you to have your own ip unshared ip space (as appose
> to shared vlan/shared ip space). Also, private vlan will give you the
> frameworkf or moving your ip space anywhere you want inside the
> network.
>
> In regards to floating ip, just hava them provision you on a layer2
> segment, that will allow you to have multiple ports on their netowrk,
> in the same private vlan, in different locations
>
>
> --
> Payam Tarverdyan Chychi
> Network Security Specialist / Network Engineer
>
>





More information about the nginx mailing list