Changes to "CLUSTERIP" between r15 and r16

Changes to CLUSTERIP between r15 and r16

'''Load-balancer Less Load Balancing'''

There's not a lot of information on CLUSTERIP on the Internet for some reason.  It's an implementation of an older technique, made easier by an IPTables target extension.

   * Flavio's Technotalk on CLUSTERIP [http://flaviostechnotalk.com/wordpress/index.php/2005/06/12/loadbalancer-less-clusters-on-linux/] [http://web.archive.org/web/20070125103802/http://flaviostechnotalk.com/wordpress/index.php/2005/06/12/loadbalancer-less-clusters-on-linux/] [http://www.rkeene.org/projects/info/resources/projects/ipcluster/flavios-tech-talk-on-ipcluster.html]
   * "[Load Sharing with IPtables and Linux-HA | http://www.linux-ha.org/ClusterIP]"
   * Microsoft calls this technique "[Network Load Balancing | http://technet2.microsoft.com/windowsserver/en/library/358b9815-3cd3-4912-a75a-cae85ea8d5ab1033.mspx?mfr=true]"
   * [LARTC] has a longer explanation of the underlying mechanism in their article "How to do simple load-balancing with Linux without a single point of failure"
~~[test | http://lartc.org/autoloadbalance.php3]~~
(blank line)
[test | http://www.lartc.org/autoloadbalance.php3]
(blank line)
----
The way CLUSTERIP works is fairly simple.
   1. Every member of the cluster is attached to the same [broadcast domain];
   1. Every member of the cluster is configured with the same multicast MAC address;
   1. Each member of the cluster then filters out incoming packets they don't think they should handle:
   11. In an exclusive manner with respect to other nodes (i.e., no other member of the cluster will handle also think it is their packet);
   11. And in an inclusive manner with respect to packets (i.e., when all the nodes of the cluster are up every packet will get sent somewhere); also
   11. Using the following criteria normally:
   111. Based on source IP; or
   111. Based on source IP and source port; or
   111. Based on source IP and source port and dest port
   11. If a node is down, another node can notice and assume responsibility for its share of the incoming packets
   1. Outgoing packets are sent with the source IP and MAC address of the cluster, but the destination IP of the target and destination MAC address of the next-hop router (gateway)

From the above description, the major weakness of CLUSTERIP is shown.  Incoming packets are replicated N times (for every member of the cluster), thus CLUSTERIP (when used alone, other higher layer techniques can sometimes mitigate this) cannot be used to load-balance incoming traffic effectively.  Outgoing traffic is unaffected and will be split as evenly as the load-balancing scheme permits.

Legend

     Only in r15
     Only in r16
     -->      Modified slightly between r15 and r16