|
> director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
> director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
> director:/etc/lvs# echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
>
> (Note: eth0 may be eth1 etc, on your machine).
>
> 2. Make the director the default and only route for outgoing packets.
>
> You will probably have set the routing on the real-server up like this
>
> realserver:/etc/lvs# netstat -r
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
lo
> 0.0.0.0 director 0.0.0.0 UG 0 0 0
eth0
>
> Note the route to 192.168.1.0/24. This allows the real-server to send
packets
> to the client by just putting them out on eth0, where the client will
> pick them up directly (without being demasqueraded) and the LVS will
> not work.
>
> Remove the route to 192.168.1.0/24.
>
> realserver:/etc/lvs#route del -net 192.168.1.0 netmask 255.255.255.0 dev
eth0
>
> This will leave you with
>
> realserver:/etc/lvs# netstat -r
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
Iface
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
lo
> 0.0.0.0 director 0.0.0.0 UG 0 0 0
eth0
>
> The VS-NAT LVS now works. If LVS is forwarding telnet, you can
> telnet from the client to the VIP and connect to the real-server.
Both of these (the echoes an the remove the route) do not seem to survive a
reboot. How can I get it to survive the reboots?
Thx.
Ivan
|
