HAProxy ALOHA Documentation 15.5

UDP

To load balance UDP services, use a Linux Virtual Server (LVS) load balancer in NAT mode to perform the load balancing at layer 4. In this mode, responses from servers flow back through HAProxy ALOHA; it is not Direct Server Return.

Enable Destination NAT

Configure LVS so that it translates the destination IP from the public IP on which HAProxy ALOHA listens to the backend server's private IP.

  1. In the web UI's LB Layer4 tab, add the mode nat directive to your existing configuration.

    director web 10.0.0.3:8000 UDP
      balance leastconn
      mode nat
      server web1 10.0.0.20:8000 weight 10 check

  2. Click OK and Apply.

  3. Click on the Setup tab. In the Configuration section, click Save.

Enable Source NAT

Create iptables NAT rules to translate the client's source IP to the HAProxy ALOHA appliance's IP.

There are two example configurations.

  • One network interface

    --------+-------- 10.0.0.0/24, VIPs, backend servers
            |
            | eth0
       +---------+
       |         |
       |  ALOHA  |
       |         |
       +---------+

  • Two network interfaces

    --------+-------- 10.0.0.0/24, VIPs
            |
            | eth0
       +---------+
       |         |
       |  ALOHA  |
       |         |
       +---------+
            | eth1
            |
    --------+-------- 10.0.3.0/24, backend servers

  1. In the NAT tab, click Insert to add a new NAT rule.

  2. In the New Rule area, fill in the fields as directed below.

    Field      Description
    --------   ------------------------------------------------------------
    IN         Inbound network interface
    OUT        Outbound network interface. In a configuration with one
               network interface, this should be the same as the inbound
               interface. In a configuration with two interfaces, this
               interface should be different from the inbound interface.
    Protocol   UDP

  3. In the Before area, fill in the fields as directed below.

    Field              Value               Example
    ----------------   -----------------   --------------------
    Source             Blank
    Source port        Blank
    Destination        VIP address         10.0.0.3
    Destination port   UDP port or range   8000, or 50000-51000

  4. In the After area, fill in the fields as directed below.

    Field              Value         Example
    ----------------   -----------   --------
    Source             VIP address   10.0.0.3
    Source port        Blank
    Destination        Blank
    Destination port   Blank

  5. Check your configuration.

    One network interface.

    https://cdn.haproxy.com/documentation/aloha/latest/assets/form_source_nat-d88874360f3bc9b5e679953159f2d9ab771bc04043c81819fa54aad22e6273a5.png

    Two network interfaces.

    https://cdn.haproxy.com/documentation/aloha/latest/assets/form_source_nat-2-af2ca8b55d28bd8585ac8a90816ca7697ecf18e22e8f0019874f4372cbd7dfc9.png

  6. Click Add and Apply.

  7. On the Setup tab, in the Configuration section, click Save.

Enable LVS connection tracking

NAT relies on connection tracking information so that it can translate every packet in a session in the same way.

  1. Click the Services tab.

  2. Locate the lvs service and click Setup.

  3. Enable connection tracking through the conntrack keyword.

    service lvs
      ############ Linux Virtual Server, layer 3/4 load balancing
      conntrack

  4. Click OK and then Close.

  5. Locate the lvs service and click Restart.

  6. Click on the Setup tab. In the Configuration section, click Save.
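
To confirm from a client that replies return through HAProxy ALOHA once destination NAT, source NAT and connection tracking are all saved, the following added example (not part of the HAProxy ALOHA documentation) sends one datagram to the VIP and checks the source address of the reply. It assumes the backend service answers each datagram it receives; the function name probe_udp_vip is hypothetical.

```python
import socket


def probe_udp_vip(vip, port, payload=b"probe", timeout=2.0):
    """Send one datagram to vip:port and report where the reply came from.

    Returns (status, reply_source):
      "ok"       - the reply arrived from vip:port, so the return path was
                   translated back to the VIP
      "mismatch" - the reply arrived from another address, for example a
                   backend answering the client directly
      "timeout"  - no reply arrived within `timeout` seconds
    """
    # An IPv4 literal is returned unchanged, so no DNS lookup happens for it.
    vip = socket.gethostbyname(vip)
    # Unconnected socket on purpose: a connect()ed UDP socket silently
    # discards datagrams from any peer other than vip:port, which would
    # turn a "mismatch" into a misleading "timeout".
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(payload, (vip, port))
        try:
            _, source = sock.recvfrom(65535)
        except socket.timeout:
            return "timeout", None
    status = "ok" if source == (vip, port) else "mismatch"
    return status, source


if __name__ == "__main__":
    # VIP and port taken from the example director on this page.
    print(probe_udp_vip("10.0.0.3", 8000))
```

Run it from a client outside the appliance. A "mismatch" or "timeout" result means the reply did not come back from the VIP, so recheck the NAT rule and the conntrack keyword.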

