amiel / iptables-Tunnel

Iptables tunnel allows you to easily forward local requests to another machine, and is meant to be used in conjunction with HAProxy.

name | age | message
README.textile | Tue Jun 09 18:00:14 -0700 2009 | no need for backup servers [Amiel Martin]
functions.sh | Tue Jun 09 17:37:17 -0700 2009 | initial import [Amiel Martin]
iptables_tunnel.sh | Wed Jun 10 18:08:18 -0700 2009 | didn't need that option [Amiel Martin]

README.textile

iptables Tunnel

Iptables tunnel allows you to easily forward local requests to another machine, and is meant to be used in conjunction with HAProxy.

Example

Assuming a HAProxy configuration with this in the listen section (10.0.1.3 is the local host):

server webA 10.0.1.3:5000 check port 5500 inter 2s
server webB 10.0.1.3:5001 check port 5501 inter 2s

Then a call like this will hook HAProxy's webB entry (ports 5001 and 5501) up to the host 10.0.1.5:3000:

iptables_tunnel.sh add 1 10.0.1.5:3000

NOTE: the reason for the separate ports is to allow connections to continue to use a server until HAProxy sees that it is unavailable (see the discussion here: http://www.igvita.com/2008/12/02/zero-downtime-restarts-with-haproxy/).
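
As an added illustration (not the project's iptables_tunnel.sh, whose contents are not shown on this page), this dry-run sketch validates its arguments and prints the DNAT rules that the call above could correspond to. It assumes the index maps to ports 5000+N and 5500+N, that both ports forward to the same target, and that the rules belong in the nat OUTPUT chain because HAProxy's connections are locally generated; all function and variable names are hypothetical.

```shell
#!/bin/sh
# Added sketch, not the project's script. Dry run: prints rules, changes nothing.
LOCAL_IP="${LOCAL_IP:-10.0.1.3}"   # HAProxy's local address (from the README example)
TRAFFIC_BASE=5000                  # assumed: traffic port = 5000 + index
CHECK_BASE=5500                    # assumed: check port   = 5500 + index

# valid_port N: succeed only for an integer in 1..65535
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_ipv4 A.B.C.D: succeed only for four numeric octets in 0..255
valid_ipv4() {
  case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# tunnel_rules add|del INDEX HOST:PORT: print one DNAT rule per HAProxy port
tunnel_rules() {
  case "$1" in add) flag=-A ;; del) flag=-D ;; *) echo "bad action" >&2; return 2 ;; esac
  case "$2" in ''|*[!0-9]*|0?*|???*) echo "bad index (want 0..99)" >&2; return 2 ;; esac
  host=${3%:*}; port=${3##*:}
  [ "$host:$port" = "$3" ] && valid_ipv4 "$host" && valid_port "$port" ||
    { echo "bad target (want IPv4:port)" >&2; return 2; }
  for base in "$TRAFFIC_BASE" "$CHECK_BASE"; do
    echo "iptables -t nat $flag OUTPUT -p tcp -d $LOCAL_IP --dport $((base + $2))" \
         "-j DNAT --to-destination $host:$port"
  done
}

# The README's example call, as a dry run
tunnel_rules add 1 10.0.1.5:3000
```

Rejecting anything that is not a plain index and IPv4:port pair before building the rule keeps shell metacharacters and out-of-range ports from ever reaching a root-level iptables invocation.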

WHY?

The need for iptables_tunnel came from the need to dynamically add servers to, and remove them from, the list of servers that HAProxy can load balance across (originally for use with Amazon EC2).

Issues

The method iptables Tunnel uses to send requests to another host doesn’t seem to work if the originating request is coming to localhost, so instead of making a request to localhost, HAProxy must use a local IP. If anyone has an answer to this, please let me know.