Direct Routing and Real IPs

[Ryan Hulsker <rhulsker@xxxxxxxxxxxxxxxxx>]

        Just 3 questions...

        Basically all of these systems are running RH6.2 with the latest fixes from RH (as of 2 weeks ago, LVS 0.9.7 ) and I am wondering if any of the functionality I need is provided in the latest versions of LVS with the newer kernel.. Is it worth it to me to upgrade my LVS boxes, and re certify the system when I have to go live at the end of the month? Or do I need to go with a NAT configuration?

        1. Is it possible to use DR without having to have each webserver use a uniqe real IP address.  Basically I have a DMZ with a limeted number of IP addresses and I will need most of them for VIPs.

        2. I have noticed with my setup that LVS does not handle classless IPs well.  when lvs starts up the VIP the mask is always /24 or /16.  My range of real IPs is only a /27.  Is this my error, a known issue, or somthing that has been fixed?

        3. I have been trying to set LVS up so that I have multiple VIPs, and can simply add or remove any RS from any VS.  And I would also like to have any RS be a part of multiple VSs.  The only way I could get this to work in my test environment was to use multiple bogus IPs on the RSs so that two VS definitions could point at the same RS using different IPs.  I found that if the same RS IP was in two different VS configs one would be overridden and the RS would only participate in one VS.

Example.

        Real server 1 with
                lo:1 - VIP 1 - 216.94.x.100
                lo:2 - VIP 2 - 216.94.x.101
                eth0    192.168.1.1
                eth0:1  192.168.2.1

        Real server 2 with
                lo:1 - VIP 1 - 216.94.x.100
                lo:2 - VIP 2 - 216.94.x.101
                eth0    192.168.1.2
                eth0:1  192.168.2.2

---------------------------------------------------------------------------------------------

        VIP 1 config could look like this

        VS1 {
                server WS1 {
                        address = 192.168.1.1
                        active = 1
                        weight = 1
                        }

                server WS1 {
                        address = 192.168.1.2
                        active = 1
                        weight = 1
                        }
                }
---------------------------------------------------------------------------------------------

        VIP 2 config could look like this

        VS1 {
                server WS1 {
                        address = 192.168.2.1
                        active = 1
                        weight = 1
                        }

                server WS1 {
                        address = 192.168.2.2
                        active = 1
                        weight = 1
                        }
                }
---------------------------------------------------------------------------------------------

        Now both servers are particiating in both VIPs but I am using alot of IP addresses.  If these all have to be real IPs I am pooched.

        Of course this broke for various reasons when I moved the system into my DMZ.  The real servers would not let me configure the default route to the real default route unless a real network device was configured with an real IP on the same subnet as the default route.  And with the eventual config being 6 RSs and 4 VIPs I would use up at least 27 real ip addresses.

Ryan Hulsker
Unix Systems Admin
Service Intelligence.com