IPVS package !!

  • Hi !

    I would like to writte a IPVS package or add it into pfsense.
    Today i've compiled ipvs into a 6.2 FreeBSD kernel without erros.
    I will test ipvs algorithms tomorrow.

    Is there somebody interested in ?

    IPVS is a very powerfull load balancing tool :
    See this link for more details http://www.linuxvirtualserver.org/


  • Sure, we are interested if it works :)

  • Hi

    LVS compile fine into pfsense developer edition :)
    LVS / DR work very fine with linux, windows & bsd realserveurs

    I didn't managed to make LVS / NAT working with pf atm i need help plz !

    Here is the the little command history i've done to install ipvs

    download ipvs last port :
    #wget http://www.cultdeadsheep.org/~clement/FreeBSD/ipvs/ipvs-0.4.1.tar.gz
    #tar -xvzf ipvs-0.4.1.tar.gz

    edit uipc_socket.c and delete the line "#include "compat.h"
    #vi /usr/src/sys/kern/ uipc_socket.c

    apply the patchs

    cd ipvs-0.4.1/patch/6.0-RELEASE/

    patch -p0 < uipc_socket.c.patch

    patch -p0 < ip_input.c.patch

    patch -p0 < socketvar.h.patch

    patch -p0 < sys_conf_options.patch

    Compile new kernel

    cd /usr/src/sys/i386/conf


    add "options NF_SOCKOPT" to the new kernel


    config MYNEWKERNEL

    cd ../compile/MYKERNEL

    make depend


    make install

    Compile ipvs module:

    cd ipvs-0.4.1/patch/6.0-RELEASE


    make install

    cd ipvsadm

    mkdir -p -m 777 /man/man8


    make install

    Compile all ipvs scheduler modules:

    cd .. / schedulers



    make install

    Reboot with new kernel:


    load the module :

    kldload ipvs

    load a schedule module

    kldload ip_vs_rr

    test LVS :

    man ipvsadm

    NB : had to make a console upgrade of the firmware because ligthy didn't start after recomiling kernel.

    Sorry for my poor english.

  • Hi

    I think there is no need in LVS/NAT : indeed LVS/DR is more powerfull and work with pfsense but a little bit more difficult to configure on realservers.

    I will make a little tutorial for LVS / DR soon.

    I'm asking the developer team if they can add ipvs module into pfsense kernel
    then i will writte a package and tutorial for LVS / DR that seems to be the best LVS mod for performance and for pfsense .

    Thanks in advance !

  • Can it not be loaded with kldload?  This can be done as a package.

  • Hi !

    In fact what i'm asking is to patch the kernel and recompile it.
    Indeed LVS/DR need to rewritte "Dest Mac addr" of packets that are forwarded to real servers. I don't think it is possible to do that in only one package.
    ipvs and all scheduler can be loaded/unloaded with kldload.

    Thanks in advance

    This is the official readme file to install ipvs ( will not work )

    LVS on FreeBSD Version 0.4.0

      1. Patch the FreeBSD kernel:
              cp patch/OS-RELEASE/* /usr/src;
              cd /usr/src;
              patch -p0 < uipc_socket.c.patch
              patch -p0 < ip_input.c.patch
              patch -p0 < socketvar.h.patch
              patch -p0 < sys_conf_options.patch
              patch -p0 < sys_i386_conf_GENERIC.patch
      2. Rebuilding FreeBSD kernel:
              cd /usr/src/sys/arch/i386/conf;
              config GENERIC;
              cd ../compile/GENERIC;
              make depend;
              make install;
      3. Compile ipvs module:
              cd ipvs/
              cd ipvsadm/
              make install;
      4. Compile ipvs scheduler module:
      cd ipvs/
      cd schedulers/
              cd SCHEDULER-NAME/
      5. Reboot with new kernel:

  • I found a fresh port a hostated today :  i think it will be better than ipvs because ipvs packets are ignoring pf for incomning connection and a lot of options of original ipvs are not in the FreeBSD version … :(

    Could be hostated / relayd a good alternative ?
    A new port for relayd has been made : http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/relayd/


  • Cool!  Did not notice that port.  That is newer than hostated.  That's what I would go with..

Log in to reply