|
Load balance multiple IPv6 connections?
![[us]](/s/countries/us.gif) Shadow Hawkins on Monday, 02 January 2012 17:21:28
I have three IPv6 Tunnels, one with SixXS, one with HE and the generic 6to4 tunnel. That might seem pointless but what I am really trying to do is simulate how a deployment with multiple native IPv6 ISPs would work. My goals are to load balance sessions across the different connections and provide fault tolerance. The clients are end users that do not host services and do not care what their public address is. With IPv4 and NAT this was very easy; the router had the power to route outbound traffic to any interface it chose.
How would I do the same thing with IPv6? The problem I face is that each host on my local network has 3 IPv6 addresses, one for each tunnel prefix. I setup a routing map to send traffic through the appropriate tunnel based on the source address. However, I seem to be at the mercy of whatever source address the host selects. Even if I shutdown a tunnel the hosts still tries to use its address (and fails).
I am using a Cisco router, but this is more of a theoretical question than a question of how to configure the router.
Load balance multiple IPv6 connections?
![[cz]](/s/countries/cz.gif) Carmen Sandiego on Saturday, 04 February 2012 14:41:31
The proper way would be to obtain AS+PA/PI space and announce it through BGP. Because most of the providers without peering agreement will simply drop any _alien_ address (not from the attached/routed network). Even if you reach the agreement with upstreams - you will always get reply through the link of the originating address's ISP. With BGP you have some means to control the path towards your AS.
NAT is not meant for IPv6. At least for the moment. Couple of docs related to NAT problem:
http://workshop.netfilter.org/2011/wiki/images/a/ac/Ipv6_nat.pdf
http://tools.ietf.org/html/rfc5902
My personal opinion is that NAT is evil - the list of apps and protocols which broken by NAT (and workarounds for such NAT problems) is vast and endless, IPv6 is trying to solve this problem by avoiding nat at all.
Although of course no one can stop you to implement your own target for NF which does what you need - it will be you responsibility to make it working with the world around you.
Load balance multiple IPv6 connections?
![[ro]](/s/countries/ro.gif) Shadow Hawkins on Tuesday, 14 February 2012 15:28:27
Hello Stephen,
You could try on the Cisco to use 3 default routes to ::/0 with the same metric, and the router will send each pachet to the interfaces out, but, you'll have some issues with SSL and VPN, you'll have to make a route-map to choose the traffic that should not be "ballanced".
It works great for torrents, it does ok for browsing, it does not work for IKE.
You could try that.
Load balance multiple IPv6 connections?
![[no]](/s/countries/no.gif) Shadow Hawkins on Sunday, 26 February 2012 02:50:16
I think your problem is pretty artificial. If you had 3 links, you would typically have 3 nics attached. Thus having at least 3 ipv6 addresses and maybe 3 ipv4 addresses. Your problem now is that you probably have 1 ipv4 bound to your single nic, and three tunnel addresses to the same nic.
The way to do this in unix/ip, ios and junos is that you have separate routing tables for each port/nic. And rules defining what table to be used based on the destination subnet (your isp link net) and the adjacent nic.
This scenario is not intuitive without this exact setup. But it is possible to simulate by createing virtual interface that you forward all traffic originating from the desired ip, to. But this is not trivial, and not definitively not a generic solution.
Let me know how it works out :)
|
Posting is only allowed when you are