vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-12-16 10:32:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1057 from nicolas-fort/T5014-nat-lb

Browse Source 
T5014: add NAT Load Balance commands and configuration example.
This commit is contained in:
Robert Göhler 2023-08-16 21:37:13 +02:00 committed by GitHub
commit a9624b5fc0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 60 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
docs/configuration/nat/nat44.rst
View File

@ -283,6 +283,32 @@ Example of redirection:
set nat destination rule 10 translation redirect port 22 set nat destination rule 10 translation redirect port 22
NAT Load Balance
----------------
Advanced configuration can be used in order to apply source or destination NAT,
and within a single rule, be able to define multiple translated addresses,
so NAT balances the translations among them.
NAT Load Balance uses an algorithm that generates a hash and based on it, then
it applies corresponding translation. This hash can be generated randomly, or
can use data from the ip header: source-address, destination-address,
source-port and/or destination-port. By default, it will generate the hash
randomly.
When defining the translated address, called ``backends``, a ``weight`` must
be configured. This lets the user define load balance distribution according
to their needs. Them sum of all the weights defined for the backends should
be equal to 100. In oder words, the weight defined for the backend is the
percentage of the connections that will receive such backend.
.. cfgcmd:: set nat [source | destination] rule <rule> load-balance hash
[source-address | destination-address | source-port | destination-port
| random]
.. cfgcmd:: set nat [source | destination] rule <rule> load-balance backend
<x.x.x.x> weight <1-100>
Configuration Examples Configuration Examples
====================== ======================
@ -602,6 +628,40 @@ provide access to their internal resources, and require that a
connecting organisation translate all traffic to the service provider connecting organisation translate all traffic to the service provider
network to a source address provided by the ASP. network to a source address provided by the ASP.
Load Balance
------------
Here we provide two examples on how to apply NAT Load Balance.
First scenario: apply destination NAT for all HTTP traffic comming through
interface eth0, and user 4 backends. First backend should received 30% of
the request, second backend should get 20%, third 15% and the fourth 35%
We will use source and destination address for hash generation.
.. code-block:: none
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 destination port 80
set nat destination rule 10 load-balance hash source-address
set nat destination rule 10 load-balance hash destination-address
set nat destination rule 10 laod-balance backend 198.51.100.101 weight 30
set nat destination rule 10 laod-balance backend 198.51.100.102 weight 20
set nat destination rule 10 laod-balance backend 198.51.100.103 weight 15
set nat destination rule 10 laod-balance backend 198.51.100.104 weight 35
Second scenario: apply source NAT for all outgoing connections from
LAN 10.0.0.0/8, using 3 public addresses and equal distribution.
We will generate the hash randomly.
.. code-block:: none
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 10.0.0.0/8
set nat source rule 10 load-balance hash random
set nat source rule 10 load-balance backend 192.0.2.251 weight 33
set nat source rule 10 load-balance backend 192.0.2.252 weight 33
set nat source rule 10 load-balance backend 192.0.2.253 weight 34
Example Network Example Network
^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^