Load balancing

From securityrouter.org, an OpenBSD-based firewall
Revision as of 15:32, 1 February 2012 by Anders (talk | contribs)
Jump to: navigation, search

The load balancer can dynamically redirect and route traffic. It can operate as

  • Load balancer
  • Application layer gateway
  • SSL accelerator
  • Transparent proxy
  • Internet failover

Currently, no graphical interface in the web administration exists. In the meantime, please use the plain-text configuration editor.

HTTPS (SSL) acceleration

This very simple example provides an HTTPS accelerator. If you are using the router exclusively as a layer 7 load balancer, it is usually sufficient to use only one Ethernet interface. Below is a more or less complete example.

interface em0 {
	address 192.168.0.100/24
	route default 192.168.0.1
}
load-balancer {
	table <servers> { 192.168.0.101 192.168.0.102 }
	relay "webservers" {
		listen on 192.168.0.100 port 443 ssl
		forward to <servers> port 80 mode loadbalance check tcp
	}
}
system {
	http-server {
		port 4433
	}
	authentication {
		user "admin" {
			password "veryhardpassword"
		}
	}
	dns {
		name-server 8.8.8.8
	}
}