diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-12-18 20:55:02 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2014-12-18 20:55:02 +0000 |
| commit | 5f4b891e0c9b089b6d923059a4db3a6979185ec6 (patch) | |
| tree | afd3da5a4bdd4f74b5e8411f184e25513b711723 /usr.sbin/relayd/relayd.conf.5 | |
| parent | fe8fa04acc24eabfd1e3a2f0043e099d8e6c423c (diff) | |
Update relayd to use siphash instead of sys/hash. The source-hash,
loadbalance and hash modes use a random key by default that can be
forced to be a static key with a new configuration argument.
With input from Max Fillinger.
ok tedu@
Diffstat (limited to 'usr.sbin/relayd/relayd.conf.5')
| -rw-r--r-- | usr.sbin/relayd/relayd.conf.5 | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5 index e570fc80c32..6c8d23d54f2 100644 --- a/usr.sbin/relayd/relayd.conf.5 +++ b/usr.sbin/relayd/relayd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: relayd.conf.5,v 1.153 2014/12/12 10:05:09 reyk Exp $ +.\" $OpenBSD: relayd.conf.5,v 1.154 2014/12/18 20:55:01 reyk Exp $ .\" .\" Copyright (c) 2006 - 2014 Reyk Floeter <reyk@openbsd.org> .\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: December 12 2014 $ +.Dd $Mdocdate: December 18 2014 $ .Dt RELAYD.CONF 5 .Os .Sh NAME @@ -390,10 +390,10 @@ This will override the global timeout, which is 200 milliseconds by default. The following options will set the scheduling algorithm to select a host from the specified table: .Bl -tag -width Ds -.It Ic mode hash +.It Ic mode hash Op Ar key Balances the outgoing connections across the active hosts based on the -hashed name of the relay, the hashed name of the table, and the IP -address and port of the relay. +.Ar key , +IP address and port of the relay. Additional input can be fed into the hash by looking at HTTP headers and GET variables; see the @@ -406,10 +406,10 @@ active .Xr pf 4 states. This mode is only supported by redirections. -.It Ic mode loadbalance +.It Ic mode loadbalance Op Ar key Balances the outgoing connections across the active hosts based on the -hashed name of the relay, the hashed name of the table, the source IP -address of the client, and the IP address and port of the relay. +.Ar key , +the source IP address of the client, and the IP address and port of the relay. This mode is only supported by relays. .It Ic mode random Distributes the outgoing connections randomly through all active hosts. @@ -419,12 +419,26 @@ Distributes the outgoing connections using a round-robin scheduler through all active hosts. This is the default mode and will be used if no option has been specified. This mode is supported by redirections and relays. -.It Ic mode source-hash +.It Ic mode source-hash Op Ar key Balances the outgoing connections across the active hosts based on the -hashed name of the redirection or relay, the hashed name of the table, +.Ar key and the source IP address of the client. This mode is only supported by relays. .El +.Pp +The optional +.Ar key +argument can be specified for the +.Ic hash , +.Ic loadbalance , +and +.Ic source-hash +modes as either an hex value with a leading +.Ar 0x +or as a string. +If omitted, +.Xr relayd 8 +generates a random key when the configuration is loaded. .Sh REDIRECTIONS Redirections represent a .Xr pf 4 |