diff options
author | Joerg Zinke <zinke@cvs.openbsd.org> | 2012-07-09 15:20:58 +0000 |
---|---|---|
committer | Joerg Zinke <zinke@cvs.openbsd.org> | 2012-07-09 15:20:58 +0000 |
commit | 5b4f8f5fd9354911af9e8882726a56aedfd6d6f9 (patch) | |
tree | 14110098c249c48d5045f36e6230ad1c32256ff3 | |
parent | 408ba7d2761195e2126b2fb29eea2077c9f5ce85 (diff) |
Enable support for the 'weight' keyword in the 'least-states'
load balancing case, this allows Weighted Least States (WLS).
Everything prepared on c2k11 with help from mcbride@.
This finally makes PF ready for the cloud.
ok henning@ mikeb@ pyr@
-rw-r--r-- | share/man/man5/pf.conf.5 | 7 | ||||
-rw-r--r-- | sys/net/pf_lb.c | 34 |
2 files changed, 33 insertions, 8 deletions
diff --git a/share/man/man5/pf.conf.5 b/share/man/man5/pf.conf.5 index 3d9f5d46444..e22d97a5120 100644 --- a/share/man/man5/pf.conf.5 +++ b/share/man/man5/pf.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: pf.conf.5,v 1.516 2012/07/09 14:05:35 henning Exp $ +.\" $OpenBSD: pf.conf.5,v 1.517 2012/07/09 15:20:57 zinke Exp $ .\" .\" Copyright (c) 2002, Daniel Hartmeier .\" All rights reserved. @@ -970,7 +970,10 @@ destination with The .Ar least-states option selects the address with the least active states from -a given address pool. +a given address pool and considers given weights +associated with address(es). +Weights can be specified between 1 and 65535. +Addresses with higher weights are selected more often. .Pp .Ar sticky-address can be specified to ensure that multiple connections from the diff --git a/sys/net/pf_lb.c b/sys/net/pf_lb.c index a88bce0f669..8f52fc6594f 100644 --- a/sys/net/pf_lb.c +++ b/sys/net/pf_lb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_lb.c,v 1.20 2012/02/03 01:57:51 bluhm Exp $ */ +/* $OpenBSD: pf_lb.c,v 1.21 2012/07/09 15:20:57 zinke Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -52,6 +52,7 @@ #include <sys/proc.h> #include <sys/rwlock.h> #include <sys/syslog.h> +#include <sys/stdint.h> #include <crypto/md5.h> @@ -287,6 +288,8 @@ pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, struct pf_src_node k; u_int64_t states; u_int16_t weight; + u_int64_t load; + u_int64_t cload; if (sns[type] == NULL && rpool->opts & PF_POOL_STICKYADDR && (rpool->opts & PF_POOL_TYPEMASK) != PF_POOL_NONE) { @@ -477,6 +480,15 @@ pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, return (1); states = rpool->states; + weight = rpool->weight; + + if ((rpool->addr.type == PF_ADDR_TABLE && + rpool->addr.p.tbl->pfrkt_refcntcost > 0) || + (rpool->addr.type == PF_ADDR_DYNIFTL && + rpool->addr.p.dyn->pfid_kt->pfrkt_refcntcost > 0)) + load = ((UINT16_MAX * rpool->states) / rpool->weight); + else + load = states; PF_ACPY(&faddr, &rpool->counter, af); @@ -507,10 +519,21 @@ pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, } else if (pf_match_addr(0, raddr, rmask, &rpool->counter, af)) return (1); - + + if ((rpool->addr.type == PF_ADDR_TABLE && + rpool->addr.p.tbl->pfrkt_refcntcost > 0) || + (rpool->addr.type == PF_ADDR_DYNIFTL && + rpool->addr.p.dyn->pfid_kt->pfrkt_refcntcost > 0)) + cload = ((UINT16_MAX * rpool->states) + / rpool->weight); + else + cload = rpool->states; + /* find lc minimum */ - if (states > rpool->states) { + if (cload < load) { states = rpool->states; + weight = rpool->weight; + load = cload; PF_ACPY(naddr, &rpool->counter, af); if (init_addr != NULL && @@ -563,11 +586,10 @@ pf_map_addr(sa_family_t af, struct pf_rule *r, struct pf_addr *saddr, if ((rpool->opts & PF_POOL_TYPEMASK) == PF_POOL_LEASTSTATES) addlog(" with state count %llu", states); - if (((rpool->addr.type == PF_ADDR_TABLE && + if ((rpool->addr.type == PF_ADDR_TABLE && rpool->addr.p.tbl->pfrkt_refcntcost > 0) || (rpool->addr.type == PF_ADDR_DYNIFTL && - rpool->addr.p.dyn->pfid_kt->pfrkt_refcntcost > 0)) && - ((rpool->opts & PF_POOL_TYPEMASK) != PF_POOL_LEASTSTATES)) + rpool->addr.p.dyn->pfid_kt->pfrkt_refcntcost > 0)) addlog(" with weight %u", weight); addlog("\n"); } |