|
Hello,
On Mon, 20 Aug 2001, Bruce Pennypacker wrote:
> According to the documentation about lvs-dr it indicates that no default
> gateway is desired for the director. The configuration perl script
> apparently checks for this and generates an error if a gateway is found for
> the director in the lvs-dr.conf file. Can somebody explain why this should
> not be set? I looked (briefly) for an explaination but couldn't find one.
This should be optional, IMO.
> The reason I'm asking is that the lack of a default gateway on the director
> causes an obvious problem if you set up the director as a local node to
> handle traffic like DNS. The server won't be able to resolve DNS queries
Then the method is not DR, it is now LocalNode. But now I remember
that the LN method is implicitly selected if the real server IP is a local
one. So, you can specify -m to select NAT method and this can not delete
the default route - I don't know how the configure script works. Then
LVS will automatically change the method from NAT to LN.
> without a gateway since it wouldn't be able to access any systems outside
> the local network. I tried a quick test and adding a default gateway to our
> director didn't seem like it caused any unusual problems. Is it safe to do
> this if we plan on using the director as a local DNS node as well?
Yes, you need default gateway to talk with clients. You can
delete your default gateway only for security reasons. This is possible
only for DR and TUN methods where the replies from the real servers
has their own path, i.e. not through the director. For NAT and LN you need
route to the clients which is usually the default route.
You have to ask Joe whether the default route is always deleted
or there is an option to preserve it. Removing the default routes violates
standards if the director needs to reply with ICMP errors, eg.
Fragmentation needed, etc. But usually this is not a problem for most of
the setups.
> Thanks!
>
> -Bruce
Regards
--
Julian Anastasov <ja@xxxxxx>
|
