Last active
April 27, 2017 15:48
-
-
Save salekseev/f084b4d83f2ed4583178f9a1ae5402ae to your computer and use it in GitHub Desktop.
Script to to do UDP load balancing using NetFilter
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # enable forwarding | |
| echo 1 >| /proc/sys/net/ipv4/ip_forward | |
| # get softirq sharing between CPU cores for Receive Packet Steering | |
| # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Performance_Tuning_Guide/network-rps.html | |
| for rxq in $(ls -1 /sys/class/net/*/queues/rx-*/rps_cpus) | |
| do | |
| echo $(taskset -p 1 | cut -d':' -f2 | tr -d '[:space:]') >| $rxq | |
| done | |
| # clear rules | |
| iptables -t filter -F | |
| iptables -t filter -X | |
| iptables -t nat -F | |
| iptables -t nat -X | |
| iptables -t mangle -F | |
| iptables -t mangle -X | |
| iptables -t filter -P INPUT ACCEPT | |
| iptables -t filter -P OUTPUT ACCEPT | |
| iptables -t filter -P FORWARD ACCEPT | |
| # dnats | |
| iptables -t nat -N DNAT8126 | |
| iptables -t nat -A DNAT8126 -p udp --dport 8125 -j REDIRECT --to-port 8126 | |
| iptables -t nat -N DNAT8127 | |
| iptables -t nat -A DNAT8127 -p udp --dport 8125 -j REDIRECT --to-port 8127 | |
| # round robin balance DNAT requests | |
| iptables -t nat -N ROUNDROBIN | |
| iptables -t nat -A ROUNDROBIN -m statistic --mode nth --every 2 --packet 0 -j DNAT8126 | |
| iptables -t nat -A ROUNDROBIN -m statistic --mode nth --every 2 --packet 1 -j DNAT8127 | |
| # despatch NEW connections to the round-robin chain | |
| iptables -t nat -A PREROUTING -p udp --dport 8125 -j ROUNDROBIN |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment