It would be nice to have the nftables numgen module, it can be used as an one arm l4 load balancing implementation like Kubernetes's cluster. IPVS only works for netfilters and the iptables ipvs module is also missing.
Include where?
In OpenWRT it is included since forever.
root@OpenWrt:~# nft -c -d netlink -f - << EOF
> table ip t {
> chain c {
> mark set numgen inc mod 4 offset 3
> mark set numgen random mod 50 offset 20
> mark set numgen inc mod 100
> }
> }
> EOF
ip (null) (null) use 0
ip t c
[ numgen reg 1 = inc mod 4 offset 3 ]
[ meta set mark with reg 1 ]
ip t c
[ numgen reg 1 = random mod 50 offset 20 ]
[ meta set mark with reg 1 ]
ip t c
[ numgen reg 1 = inc mod 100 ]
[ meta set mark with reg 1 ]
root@OpenWrt:~# uname -r
5.10.221
root@OpenWrt:~# opkg search /lib/modules/*/nft_numgen.ko
kmod-nft-core - 5.10.221-1
(it is first example of netfilter numgen documentation ran on OpenWRT 22.03.7)
2 Likes
Based on the snippet shared by @brada4 , it does appear that this is standard in OpenWrt.
Closing this thread since there is no new feature needed here.