Monday, 16 November 2009

Load Balancing with Vyatta VC 6

Here is a diagram of the setup, we are dealing with the router to the far left of the diagram "R10" : diagram

This is the video of me configuring load balancing and testing it:

Vyatta Load Balancing from Richard Vimeo on Vimeo.





Here is the configuration:
Setting up the interfaces:
R10:


interfaces {
ethernet eth0 {
address 10.0.0.27/24
description ISP1
}
ethernet eth1 {
address 192.168.0.181/24
description ISP2
}
ethernet eth2 {
address 10.0.10.10/24
description R10TOR1
}
loopback lo {
address 10.10.10.10/32
}

Setting up the IGP:

protocols {
ospf {
area 10 {
network 10.0.10.0/24
network 10.10.10.10/32
}
default-information {
originate {
always
metric-type 2
}
}
}



Setting up Load Balancing

static {
route 0.0.0.0/0 {
next-hop 10.0.0.126 {
}
next-hop 192.168.0.1 {
}
}
}

load-balancing {
wan {
flush-connections
interface-health eth0 {
failure-count 2
nexthop 10.0.0.126
success-count 1
test 10 {
ping
resp-time 5
target 192.168.0.1
}
}
interface-health eth1 {
failure-count 2
nexthop 192.168.0.1
success-count 1
test 10 {
ping
resp-time 5
target 192.168.0.1
}
}
rule 10 {
inbound-interface eth2
interface eth0 {
weight 1
}
interface eth1 {
weight 1
}
protocol all
}
}
}




Good luck and Enjoy!

15 comments:

Cititechs said...

So I really liked this video currently I use Openwrt running inside of a VM to accomplish the same thing. I have two isp's that provide me 5 static ip's per isp.
I like to use Vyatta 6 to replace my openwrt and also leverage QOS like you demoed in your Asterisk video.My current configuration has Openwrt and behind that sits my Microsoft ISA 2006. What I like about my config is that I dont have to create firewall rules in two places such as the Openwrt and the ISA box the Openwrt just forwards the traffic and I can create rules per public IP I have . I wonder if I could do the same with Vyatta? I was excited when I saw the new Microsoft TMG product supporting VOIP and dual ISP but it doesnt do QOS on all protocols only http(s) so I guess am still going to have something in front of my ISA/TMG box. Then my next mission is figuring out where to place my Asterisk box sounds like I would have to place it behind the Vyatta and not the ISA because if I place it behind the ISA it won’t forward the DSCP packet out to the WAN. So then my next issue would be how do my VPN users would access my Asterisk box. Argg questions questions if you could help let me know. Thanks for the great videos.

Roggy said...

Sure vyatta can do all of that.
but so can ISA.

You could for example install "bandwidth controller" to fix your qos issues.

However if you can use vyatta it would probably be better for you because it does all of that out-of-the-box.

two tips for you:
1) you might be getting to the stage where it is better to get a proper AS and do full BGP peering with your ISPs
2) place your asterisk box on a third "dogleg" nic for a dmz.

lalit said...
This comment has been removed by the author.
lalit said...

I have a requirement where 2 links from different ISP is coming ( One reliable with less bandwidth,high RTT and other less reliable with high bandwidth, low RTT ). what we want in normal scenario when both links are up traffic should preferably go via second link.In case of second link failure the traffic should go via first link. Is this possible with vyatta router as we can not OSPF here ?

Roggy said...

Sure you can do this with the "weight" option within the config.

However if you wish to do proper load balancing then you are going to need to use BGP

lalit said...

Thanks Roggy, I tested with weight option and it is working. However I yet have to testing load balancing using BGP.
Thanks

cokelat said...

hye..i want to create load balancing using several algorithm which are least-connection,fast-connection and observed algorithm but i dont know how to configure it.from my research i just found load balancing software which work using round robin concept such as pen and so on..so can anyone help me? for infomation,im the new one and never setup any network system before this...help me please...

net2sonic said...

I'm finish with basic wan load balancing BUT I got trouble with some secure sites - HTTPS, I mean session persistence. I read a comment on Vyatta forum that it can be solved with contrak enabled but I'm not success.
Pls help!
Thank you.

jerrysimila said...

Hi Roggy, on vyatta wan loadbalancing, have u ever tried it with url-filtering? it seems to fail when you run wan LB and webproxy at the same time, please advice if there is a way i can do WAN-LB and webproxy url-filtering on the same box.

Milan MaĊĦek said...

Hi Roggy, First - thanks for a tutorial. I have two comments, resp. one issue

1. better works for me when I add: set load-balancing wan enable-local-traffic. Than dns resolving works much better.

2. How to set up inbound traffic properly?
Have you tried ping your router from the internet? And because I have some port forwarding as well. Only way how to make it working I have found at http://www.vyatta.org/forum/viewtopic.php?t=2410. set protocols static ...distance.

Shepherd said...

Hi Roggy

Thanks for all your video's really helpful. i am having trouble with wan load balancing on Vc6. Pinging works fine but browsing is slow and most pages timeout. When i disconnect one link everything works well and at a better speed. feels like a DNS issue, i have both ISP dns servers setup in dns forwarding, so don't know what is causing the problem.

PedroCaamal said...

<Hi my friend Roggy. Well at de moment I student and I have a problem. I need to balance 4 modems. You think with vyatta I can do that thing??? I really need your help my friend. see you soon

PedroCaamal said...

<Hi my friend Roggy. Well at de moment I student and I have a problem. I need to balance 4 modems. You think with vyatta I can do that thing??? I really need your help my friend. see you soon

Elvis Lam said...

Would there be any problem with Source NAT removed?

Elvis

Elvis Lam said...

Would there be any problem with Source NAT removed?

Elvis