Allow multiple ports for high-availability virtual-server
Request from the [[ https://forum.vyos.io/t/multiple-ports-for-high-availability-virtual-server/ | forum ]]
The current implementation allows using only one "virtual" port and several real servers ports
```
set high-availability virtual-server 203.0.113.1 port '8888'
set high-availability virtual-server 203.0.113.1 protocol 'tcp'
set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 port '80'
set high-availability virtual-server 203.0.113.1 real-server 192.0.2.12 port '80'
```
The syntax can be with rules:
```
set high-availability virtual-server 203.0.113.1 rule 10 port '8280'
set high-availability virtual-server 203.0.113.1 rule 10 protocol 'tcp'
set high-availability virtual-server 203.0.113.1 rule 10 real-server 192.0.2.11 port '80'
set high-availability virtual-server 203.0.113.1 rule 10 real-server 192.0.2.12 port '80'
set high-availability virtual-server 203.0.113.1 rule 20 port '443'
set high-availability virtual-server 203.0.113.1 rule 20 protocol 'tcp'
set high-availability virtual-server 203.0.113.1 rule 20 real-server 192.0.2.11 port '443'
set high-availability virtual-server 203.0.113.1 rule 20 real-server 192.0.2.12 port '443'
```
keepalive config
```
# Virtual-server configuration
virtual_server 203.0.113.1 8280 {
delay_loop 10
lb_algo lc
lb_kind NAT
persistence_timeout 300
protocol TCP
real_server 192.0.2.11 80 {
weight 1
TCP_CHECK {
}
}
real_server 192.0.2.12 80 {
weight 1
TCP_CHECK {
}
}
}
virtual_server 203.0.113.1 443 {
delay_loop 10
lb_algo lc
lb_kind NAT
persistence_timeout 300
protocol TCP
real_server 192.0.2.11 443 {
weight 1
TCP_CHECK {
}
}
real_server 192.0.2.12 443 {
weight 1
TCP_CHECK {
}
}
}
```
Other options that can be improved:
- all ports (port 0)
- fwmark
```
virtual_server 1.2.3.11 0 {
delay_loop 6
lb_algo wlc
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 1.2.3.5 0 {
weight 1
inhibit_on_failure
MISC_CHECK {
misc_path /usr/local/bin/check_both_http_and_http.sh 1.2.3.5
}
}
}
Or :
virtual_server fwmark 14 {
delay_loop 6
lb_algo wlc
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 1.2.3.5 0 {
weight 1
inhibit_on_failure
MISC_CHECK {
misc_path /usr/local/bin/check_both_http_and_http.sh 1.2.3.5
}
}
}
```
For packet marking
```
It can be added fwmark
```
set policy route PR interface 'eth0'
set policy route PR rule 10 destination address '203.0.113.1'
set policy route PR rule 10 destination port '80,8080,443,8888'
set policy route PR rule 10 protocol 'tcp'
set policy route PR rule 10 set mark '111'
set high-availability virtual-server 203.0.113.1 fwmark 111
set high-availability virtual-server 203.0.113.1 real-server 192.0.2.11 port '0'
```