Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1 | # |
| 2 | # IP Virtual Server configuration |
| 3 | # |
Jan Engelhardt | a6938a1 | 2007-05-23 14:48:10 -0700 | [diff] [blame] | 4 | menuconfig IP_VS |
David S. Miller | f901b644 | 2008-10-11 12:18:04 -0700 | [diff] [blame] | 5 | tristate "IP virtual server support" |
Julian Anastasov | f4bc17c | 2010-09-21 17:35:41 +0200 | [diff] [blame] | 6 | depends on NET && INET && NETFILTER |
Patrick McHardy | dba4490d | 2010-11-18 08:20:57 +0000 | [diff] [blame] | 7 | depends on (NF_CONNTRACK || NF_CONNTRACK=n) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 8 | ---help--- |
| 9 | IP Virtual Server support will let you build a high-performance |
| 10 | virtual server based on cluster of two or more real servers. This |
| 11 | option must be enabled for at least one of the clustered computers |
| 12 | that will take care of intercepting incoming connections to a |
| 13 | single IP address and scheduling them to real servers. |
| 14 | |
| 15 | Three request dispatching techniques are implemented, they are |
| 16 | virtual server via NAT, virtual server via tunneling and virtual |
| 17 | server via direct routing. The several scheduling algorithms can |
| 18 | be used to choose which server the connection is directed to, |
| 19 | thus load balancing can be achieved among the servers. For more |
| 20 | information and its administration program, please visit the |
| 21 | following URL: <http://www.linuxvirtualserver.org/>. |
| 22 | |
| 23 | If you want to compile it in kernel, say Y. To compile it as a |
| 24 | module, choose M here. If unsure, say N. |
| 25 | |
Jan Engelhardt | a6938a1 | 2007-05-23 14:48:10 -0700 | [diff] [blame] | 26 | if IP_VS |
| 27 | |
Julius Volz | fab0de0 | 2008-09-02 15:55:32 +0200 | [diff] [blame] | 28 | config IP_VS_IPV6 |
Julius Volz | 0537ae6 | 2008-10-19 23:29:56 -0700 | [diff] [blame] | 29 | bool "IPv6 support for IPVS" |
Simon Horman | 2890a15 | 2010-08-02 17:08:11 +0200 | [diff] [blame] | 30 | depends on IPV6 = y || IP_VS = IPV6 |
Jesper Dangaard Brouer | 63dca2c | 2012-09-26 14:06:41 +0200 | [diff] [blame] | 31 | select IP6_NF_IPTABLES |
Julius Volz | fab0de0 | 2008-09-02 15:55:32 +0200 | [diff] [blame] | 32 | ---help--- |
Jesper Dangaard Brouer | 2f74713 | 2012-09-26 14:06:59 +0200 | [diff] [blame] | 33 | Add IPv6 support to IPVS. |
Julius Volz | fab0de0 | 2008-09-02 15:55:32 +0200 | [diff] [blame] | 34 | |
Jesper Dangaard Brouer | 2f74713 | 2012-09-26 14:06:59 +0200 | [diff] [blame] | 35 | Say Y if unsure. |
Julius Volz | fab0de0 | 2008-09-02 15:55:32 +0200 | [diff] [blame] | 36 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 37 | config IP_VS_DEBUG |
| 38 | bool "IP virtual server debugging" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 39 | ---help--- |
| 40 | Say Y here if you want to get additional messages useful in |
| 41 | debugging the IP virtual server code. You can change the debug |
| 42 | level in /proc/sys/net/ipv4/vs/debug_level |
| 43 | |
| 44 | config IP_VS_TAB_BITS |
| 45 | int "IPVS connection table size (the Nth power of 2)" |
Sven Wegener | 2206a3f | 2008-09-08 13:38:11 +0200 | [diff] [blame] | 46 | range 8 20 |
| 47 | default 12 |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 48 | ---help--- |
| 49 | The IPVS connection hash table uses the chaining scheme to handle |
| 50 | hash collisions. Using a big IPVS connection hash table will greatly |
| 51 | reduce conflicts when there are hundreds of thousands of connections |
| 52 | in the hash table. |
| 53 | |
| 54 | Note the table size must be power of 2. The table size will be the |
| 55 | value of 2 to the your input number power. The number to choose is |
| 56 | from 8 to 20, the default number is 12, which means the table size |
| 57 | is 4096. Don't input the number too small, otherwise you will lose |
| 58 | performance on it. You can adapt the table size yourself, according |
| 59 | to your virtual server application. It is good to set the table size |
| 60 | not far less than the number of connections per second multiplying |
| 61 | average lasting time of connection in the table. For example, your |
| 62 | virtual server gets 200 connections per second, the connection lasts |
| 63 | for 200 seconds in average in the connection table, the table size |
| 64 | should be not far less than 200x200, it is good to set the table |
| 65 | size 32768 (2**15). |
| 66 | |
| 67 | Another note that each connection occupies 128 bytes effectively and |
| 68 | each hash entry uses 8 bytes, so you can estimate how much memory is |
| 69 | needed for your box. |
| 70 | |
Catalin(ux) M. BOIE | 6f7edb4 | 2010-01-05 05:50:24 +0100 | [diff] [blame] | 71 | You can overwrite this number setting conn_tab_bits module parameter |
| 72 | or by appending ip_vs.conn_tab_bits=? to the kernel command line |
| 73 | if IP VS was compiled built-in. |
| 74 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 75 | comment "IPVS transport protocol load balancing support" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 76 | |
| 77 | config IP_VS_PROTO_TCP |
| 78 | bool "TCP load balancing support" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 79 | ---help--- |
| 80 | This option enables support for load balancing TCP transport |
| 81 | protocol. Say Y if unsure. |
| 82 | |
| 83 | config IP_VS_PROTO_UDP |
| 84 | bool "UDP load balancing support" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 85 | ---help--- |
| 86 | This option enables support for load balancing UDP transport |
| 87 | protocol. Say Y if unsure. |
| 88 | |
Julius Volz | 409a196 | 2008-08-22 14:06:12 +0200 | [diff] [blame] | 89 | config IP_VS_PROTO_AH_ESP |
Michal Marek | 72c7664 | 2010-07-05 10:42:37 +0200 | [diff] [blame] | 90 | def_bool IP_VS_PROTO_ESP || IP_VS_PROTO_AH |
Julius Volz | 409a196 | 2008-08-22 14:06:12 +0200 | [diff] [blame] | 91 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 92 | config IP_VS_PROTO_ESP |
| 93 | bool "ESP load balancing support" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 94 | ---help--- |
Matt LaPlante | 44c0920 | 2006-10-03 22:34:14 +0200 | [diff] [blame] | 95 | This option enables support for load balancing ESP (Encapsulation |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 96 | Security Payload) transport protocol. Say Y if unsure. |
| 97 | |
| 98 | config IP_VS_PROTO_AH |
| 99 | bool "AH load balancing support" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 100 | ---help--- |
| 101 | This option enables support for load balancing AH (Authentication |
| 102 | Header) transport protocol. Say Y if unsure. |
| 103 | |
Venkata Mohan Reddy | 2906f66 | 2010-02-18 12:31:05 +0100 | [diff] [blame] | 104 | config IP_VS_PROTO_SCTP |
| 105 | bool "SCTP load balancing support" |
| 106 | select LIBCRC32C |
| 107 | ---help--- |
| 108 | This option enables support for load balancing SCTP transport |
| 109 | protocol. Say Y if unsure. |
| 110 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 111 | comment "IPVS scheduler" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 112 | |
| 113 | config IP_VS_RR |
| 114 | tristate "round-robin scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 115 | ---help--- |
| 116 | The robin-robin scheduling algorithm simply directs network |
| 117 | connections to different real servers in a round-robin manner. |
| 118 | |
| 119 | If you want to compile it in kernel, say Y. To compile it as a |
| 120 | module, choose M here. If unsure, say N. |
| 121 | |
| 122 | config IP_VS_WRR |
Florian Fainelli | ae24e57 | 2009-12-22 09:42:06 +0100 | [diff] [blame] | 123 | tristate "weighted round-robin scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 124 | ---help--- |
| 125 | The weighted robin-robin scheduling algorithm directs network |
| 126 | connections to different real servers based on server weights |
| 127 | in a round-robin manner. Servers with higher weights receive |
| 128 | new connections first than those with less weights, and servers |
| 129 | with higher weights get more connections than those with less |
| 130 | weights and servers with equal weights get equal connections. |
| 131 | |
| 132 | If you want to compile it in kernel, say Y. To compile it as a |
| 133 | module, choose M here. If unsure, say N. |
| 134 | |
| 135 | config IP_VS_LC |
| 136 | tristate "least-connection scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 137 | ---help--- |
| 138 | The least-connection scheduling algorithm directs network |
| 139 | connections to the server with the least number of active |
| 140 | connections. |
| 141 | |
| 142 | If you want to compile it in kernel, say Y. To compile it as a |
| 143 | module, choose M here. If unsure, say N. |
| 144 | |
| 145 | config IP_VS_WLC |
| 146 | tristate "weighted least-connection scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 147 | ---help--- |
| 148 | The weighted least-connection scheduling algorithm directs network |
| 149 | connections to the server with the least active connections |
| 150 | normalized by the server weight. |
| 151 | |
| 152 | If you want to compile it in kernel, say Y. To compile it as a |
| 153 | module, choose M here. If unsure, say N. |
| 154 | |
Kenny Mathis | 616a9be | 2014-09-09 09:20:15 -0400 | [diff] [blame] | 155 | config IP_VS_FO |
| 156 | tristate "weighted failover scheduling" |
| 157 | ---help--- |
| 158 | The weighted failover scheduling algorithm directs network |
| 159 | connections to the server with the highest weight that is |
| 160 | currently available. |
| 161 | |
| 162 | If you want to compile it in kernel, say Y. To compile it as a |
| 163 | module, choose M here. If unsure, say N. |
| 164 | |
Raducu Deaconu | eefa32d | 2015-07-17 08:45:40 +0300 | [diff] [blame] | 165 | config IP_VS_OVF |
| 166 | tristate "weighted overflow scheduling" |
| 167 | ---help--- |
| 168 | The weighted overflow scheduling algorithm directs network |
| 169 | connections to the server with the highest weight that is |
| 170 | currently available and overflows to the next when active |
| 171 | connections exceed the node's weight. |
| 172 | |
| 173 | If you want to compile it in kernel, say Y. To compile it as a |
| 174 | module, choose M here. If unsure, say N. |
| 175 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 176 | config IP_VS_LBLC |
| 177 | tristate "locality-based least-connection scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 178 | ---help--- |
| 179 | The locality-based least-connection scheduling algorithm is for |
| 180 | destination IP load balancing. It is usually used in cache cluster. |
| 181 | This algorithm usually directs packet destined for an IP address to |
| 182 | its server if the server is alive and under load. If the server is |
| 183 | overloaded (its active connection numbers is larger than its weight) |
| 184 | and there is a server in its half load, then allocate the weighted |
| 185 | least-connection server to this IP address. |
| 186 | |
| 187 | If you want to compile it in kernel, say Y. To compile it as a |
| 188 | module, choose M here. If unsure, say N. |
| 189 | |
| 190 | config IP_VS_LBLCR |
| 191 | tristate "locality-based least-connection with replication scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 192 | ---help--- |
| 193 | The locality-based least-connection with replication scheduling |
| 194 | algorithm is also for destination IP load balancing. It is |
| 195 | usually used in cache cluster. It differs from the LBLC scheduling |
| 196 | as follows: the load balancer maintains mappings from a target |
| 197 | to a set of server nodes that can serve the target. Requests for |
| 198 | a target are assigned to the least-connection node in the target's |
| 199 | server set. If all the node in the server set are over loaded, |
| 200 | it picks up a least-connection node in the cluster and adds it |
| 201 | in the sever set for the target. If the server set has not been |
| 202 | modified for the specified time, the most loaded node is removed |
| 203 | from the server set, in order to avoid high degree of replication. |
| 204 | |
| 205 | If you want to compile it in kernel, say Y. To compile it as a |
| 206 | module, choose M here. If unsure, say N. |
| 207 | |
| 208 | config IP_VS_DH |
| 209 | tristate "destination hashing scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 210 | ---help--- |
| 211 | The destination hashing scheduling algorithm assigns network |
| 212 | connections to the servers through looking up a statically assigned |
| 213 | hash table by their destination IP addresses. |
| 214 | |
| 215 | If you want to compile it in kernel, say Y. To compile it as a |
| 216 | module, choose M here. If unsure, say N. |
| 217 | |
| 218 | config IP_VS_SH |
| 219 | tristate "source hashing scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 220 | ---help--- |
| 221 | The source hashing scheduling algorithm assigns network |
| 222 | connections to the servers through looking up a statically assigned |
| 223 | hash table by their source IP addresses. |
| 224 | |
| 225 | If you want to compile it in kernel, say Y. To compile it as a |
| 226 | module, choose M here. If unsure, say N. |
| 227 | |
| 228 | config IP_VS_SED |
| 229 | tristate "shortest expected delay scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 230 | ---help--- |
| 231 | The shortest expected delay scheduling algorithm assigns network |
| 232 | connections to the server with the shortest expected delay. The |
| 233 | expected delay that the job will experience is (Ci + 1) / Ui if |
| 234 | sent to the ith server, in which Ci is the number of connections |
Matt LaPlante | cab0089 | 2006-10-03 22:36:44 +0200 | [diff] [blame] | 235 | on the ith server and Ui is the fixed service rate (weight) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 236 | of the ith server. |
| 237 | |
| 238 | If you want to compile it in kernel, say Y. To compile it as a |
| 239 | module, choose M here. If unsure, say N. |
| 240 | |
| 241 | config IP_VS_NQ |
| 242 | tristate "never queue scheduling" |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 243 | ---help--- |
| 244 | The never queue scheduling algorithm adopts a two-speed model. |
| 245 | When there is an idle server available, the job will be sent to |
| 246 | the idle server, instead of waiting for a fast one. When there |
| 247 | is no idle server available, the job will be sent to the server |
| 248 | that minimize its expected delay (The Shortest Expected Delay |
| 249 | scheduling algorithm). |
| 250 | |
| 251 | If you want to compile it in kernel, say Y. To compile it as a |
| 252 | module, choose M here. If unsure, say N. |
| 253 | |
Michael Maxim | 76ad94f | 2011-12-08 10:55:09 -0500 | [diff] [blame] | 254 | comment 'IPVS SH scheduler' |
| 255 | |
| 256 | config IP_VS_SH_TAB_BITS |
| 257 | int "IPVS source hashing table size (the Nth power of 2)" |
| 258 | range 4 20 |
| 259 | default 8 |
| 260 | ---help--- |
| 261 | The source hashing scheduler maps source IPs to destinations |
| 262 | stored in a hash table. This table is tiled by each destination |
| 263 | until all slots in the table are filled. When using weights to |
| 264 | allow destinations to receive more connections, the table is |
| 265 | tiled an amount proportional to the weights specified. The table |
| 266 | needs to be large enough to effectively fit all the destinations |
| 267 | multiplied by their respective weights. |
| 268 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 269 | comment 'IPVS application helper' |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 270 | |
| 271 | config IP_VS_FTP |
| 272 | tristate "FTP protocol helper" |
Julian Anastasov | aaea4ed | 2012-07-07 20:32:12 +0300 | [diff] [blame] | 273 | depends on IP_VS_PROTO_TCP && NF_CONNTRACK && NF_NAT && \ |
| 274 | NF_CONNTRACK_FTP |
Julian Anastasov | f4bc17c | 2010-09-21 17:35:41 +0200 | [diff] [blame] | 275 | select IP_VS_NFCT |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 276 | ---help--- |
| 277 | FTP is a protocol that transfers IP address and/or port number in |
| 278 | the payload. In the virtual server via Network Address Translation, |
| 279 | the IP address and port number of real servers cannot be sent to |
| 280 | clients in ftp connections directly, so FTP protocol helper is |
| 281 | required for tracking the connection and mangling it back to that of |
| 282 | virtual service. |
| 283 | |
| 284 | If you want to compile it in kernel, say Y. To compile it as a |
| 285 | module, choose M here. If unsure, say N. |
| 286 | |
Julian Anastasov | f4bc17c | 2010-09-21 17:35:41 +0200 | [diff] [blame] | 287 | config IP_VS_NFCT |
| 288 | bool "Netfilter connection tracking" |
| 289 | depends on NF_CONNTRACK |
| 290 | ---help--- |
| 291 | The Netfilter connection tracking support allows the IPVS |
| 292 | connection state to be exported to the Netfilter framework |
| 293 | for filtering purposes. |
| 294 | |
Simon Horman | 758ff03 | 2010-08-22 21:37:55 +0900 | [diff] [blame] | 295 | config IP_VS_PE_SIP |
| 296 | tristate "SIP persistence engine" |
| 297 | depends on IP_VS_PROTO_UDP |
| 298 | depends on NF_CONNTRACK_SIP |
| 299 | ---help--- |
| 300 | Allow persistence based on the SIP Call-ID |
| 301 | |
Jan Engelhardt | a6938a1 | 2007-05-23 14:48:10 -0700 | [diff] [blame] | 302 | endif # IP_VS |