# Difference between revisions of "Load balancing"

From nftables wiki

(create page with basic content) |
(add NAT link) |

Line 1: | Line 1: | ||

− | Since nftables v0.7, there is support in place to perform NAT load balancing. | + | Since nftables v0.7, there is support in place to perform [[Performing Network Address Translation (NAT) | NAT]] load balancing. |

Don't forget the special NAT chain semantics: Only the first packet evaluates the rule, follow up packets rely on conntrack to apply the NAT information. | Don't forget the special NAT chain semantics: Only the first packet evaluates the rule, follow up packets rely on conntrack to apply the NAT information. |

## Revision as of 14:09, 5 January 2017

Since nftables v0.7, there is support in place to perform NAT load balancing.

Don't forget the special NAT chain semantics: only the first packet of a connection evaluates the rule; follow-up packets rely on conntrack to apply the NAT information.

## round robin

This method uses the nftables internal number generator (`numgen`).

The example below distributes new connections in a round-robin fashion between 192.168.10.100 and 192.168.20.200.

```
% nft add rule nat prerouting dnat to numgen inc mod 2 map { \
0 : 192.168.10.100, \
1 : 192.168.20.200 }
```

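You can also emulate flow distribution with different backend weights by using intervals as map keys. In the example below, six of the ten generator values (0-5) map to 192.168.10.100 and four (6-9) map to 192.168.20.200: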

```
% nft add rule nat prerouting dnat to numgen inc mod 10 map { \
0-5 : 192.168.10.100, \
6-9 : 192.168.20.200 }
```
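When editing weighted maps by hand it is easy to leave a generator value without a backend or to assign one twice. The following check is an added example, not part of the wiki page or of nftables: it parses the `mod N map { ... }` part of a rule and reports each backend's share plus any uncovered or overlapping values. The function name `backend_shares` and the `GAPPED` rule are constructed for illustration.

```python
import re
from collections import Counter

# Matches the "mod N map { key : backend, ... }" part of an nft rule.
RULE_RE = re.compile(r"mod\s+(\d+)\s+map\s*\{(.*?)\}", re.S)

def backend_shares(rule):
    """Return (shares, uncovered, overlapping) for a 'mod N map {...}' rule."""
    # Join shell line continuations so the map body is one string.
    m = RULE_RE.search(rule.replace("\\\n", " "))
    if not m:
        raise ValueError("no 'mod N map { ... }' expression found")
    mod = int(m.group(1))
    owner = {}            # generator/hash value -> backend address
    overlapping = set()   # values claimed by more than one element
    for element in m.group(2).split(","):
        key, backend = (part.strip() for part in element.split(":", 1))
        lo, _, hi = key.partition("-")          # "0-5" or a single "3"
        for value in range(int(lo), int(hi or lo) + 1):
            if value in owner:
                overlapping.add(value)
            owner[value] = backend
    # Values in 0..mod-1 for which the map has no backend to return.
    uncovered = [v for v in range(mod) if v not in owner]
    counts = Counter(owner[v] for v in range(mod) if v in owner)
    shares = {backend: n / mod for backend, n in counts.items()}
    return shares, uncovered, sorted(overlapping)

# The weighted rule from this page.
WEIGHTED = r"""nft add rule nat prerouting dnat to numgen inc mod 10 map { \
0-5 : 192.168.10.100, \
6-9 : 192.168.20.200 }"""

# Constructed faulty variant: value 6 has no entry.
GAPPED = r"""nft add rule nat prerouting dnat to numgen inc mod 10 map { \
0-5 : 192.168.10.100, \
7-9 : 192.168.20.200 }"""

if __name__ == "__main__":
    for name, rule in (("weighted", WEIGHTED), ("gapped", GAPPED)):
        shares, uncovered, overlapping = backend_shares(rule)
        print(name, shares, "uncovered:", uncovered, "overlap:", overlapping)
```

The same check applies to the `jhash ... mod 2 map` rule, since the hash result is reduced to the same 0..N-1 range before the map lookup.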

## consistent distribution

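This method uses the nftables internal hashing mechanism (`jhash`). In the example below the backend is selected from a hash of the source address and the TCP destination port, so packets with the same values for these fields always map to the same backend.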

```
% nft add rule x y dnat to jhash ip saddr . tcp dport mod 2 map { \
0 : 192.168.20.100, \
1 : 192.168.30.100 }
```