|
> >> 1. Is it possible to use DR without having to have each webserver
> >> use a uniqe real IP address. Basically I have a DMZ with a limeted
> number
> >> of IP addresses and I will need most of them for VIPs.
> >
> > Technically yes, though the Real servers will not be able to intiate
> > connections to the outside world if they are sitting on RFC 1918
> addresses.
> > But they should be able to reply to LVSed traffic as the source
> > address apply will be set to the VIP.
>
> OK, I tried this but when I have eth0 = 192.168.x.x and lo:1 =
> 216.94.x.110 on the RSs the system wont let me set a default route of
> 216.94.x.97 which would be the default route for the VIP. I get a "network
> not accessable" error. I got around this with "route add -net 216.94.x.96
> netmask 255.255.255.224 eth0" I can then add the proper default route but
> it still does not work, I am wondering if using tunneling would solve my
> problems. I think I am going to try that next.
correct me if i'm wrong, but i don't think you'd need your "real" ip's
(vip) route on the real server. the real server simply needs a gateway to
the internet. 192.168.whatever.1 could be a box with ip forwarding
enabled, or any other method to give that box an outgoing gateway. the gw
machine might need to allow packet forwarding from the vip instead of just
from the real server's ip.
am i way off here? i haven't tried it in a while.
-tcl.
|
