[Linux-cluster] LVS: Not as a gateway?
isplist at logicore.net
isplist at logicore.net
Thu Nov 2 17:45:24 UTC 2006
> You would probably want direct routing. "Direct" means on the same network
> as the director, and able to use the same gateway to the outside world.
Yes, it's how I've got it set up. Only problem is, the web servers need to see
the LVS as their gateways no?
The last error I seem to have to conquer is;
///
Nov 2 11:24:49 lb52 nanny[3652]: READ to 192.168.1.94:80 timed out
Nov 2 11:24:52 lb52 nanny[3650]: READ to 192.168.1.92:80 timed out
Nov 2 11:24:54 lb52 nanny[3651]: READ to 192.168.1.93:80 timed out
///
Just seems complicated as heck. Here I have firewall's taking care of NAT.
Connections come into the network as real IP's, then are sent to the various
machines which are NAT'd.
So, if using LVS which are NAT'd under the firewall's, there's a double
weirdness there. Not just in the NAT itself but in how cache, session and
other services end up acting. I could change the LVS's to real IP's still
protected by the firewall's I guess.
> outside client would access services by sending a packet to your firewall,
> which would forward it to the director, then the director would choose an
> LVS "real server" to send it to for processing, and then the real server
> that got it would reply "directly" to the client without further
> intervention from the director machine.
Oh, I was not sure about this then. From what I've read, it seemed that the
LVS remains in the path once it is used. That would be fine so guess I just
need to solve this problem first.
Thanks.
Mike
More information about the Linux-cluster
mailing list