
There must be some magic happening somewhere, because otherwise outgoing packets would have the wrong source address.



You can use direct server return to manipulate the Ethernet frames so that packets don't travel back through the load balancer on the way to the parent switch.


That generally requires config on the serving hosts, which wasn't mentioned in the setup. I think I saw a reference to adding hosts with a different port number than the service port as well. For people in EC2-VPC (not classic), all their traffic is going through an Amazon NAT anyway; perhaps this new service is setting up translations there. (Note all the references to VPC, and never a mention of EC2-classic.)


Direct Server Return works at layer 3, not layer 2; it's routing and encapsulation - IP in IP, GRE etc.


You can do it at layer 2 as well, but it requires that the load balancer have an interface on the same broadcast domains as the hosts.


I am confused at how this would work. Can you elaborate? Also, broadcast domain is a layer 3 construct.



