On Thu, 27 Sep 2001, Serge Sozonoff wrote:
> Hi,
>
> > the client sends a packet with src=CIP, dst=VIP (abbreviated CIP->VIP),
> > the realserver receives a packet with the dst rewritten (CIP->RIP). The
> > realserver replies (RIP->CIP). If this arrives at the client directly
> > (as happens when you don't have the director as the default gw of the
> > realservers), the packet is not recognised as part of any request the
> > client made.
> > The reply packets have to be masqueraded on the way out.
>
>
> Hmmm, I see what you are saying.
>
> I am trying to figure out how Cisco do this, because this is
> what they do in the Cisco LocalDirector and it works. I will investigate
> further.

Apparently L4 switches check both layer2 (data-link) and layer3 (IP)
information before taking a decision.

Linux treats the packet at layer2 first. There it goes through bridging code,
it sees that the packet is not local and is forwarded as-is. It does not
arrive in layer3 processing code, where LVS works.

Probably if you do proxy-arp on the director with the default gateway's
address it may work. That way you have bridging in one direction (defgw->RS)
and routing in the other (RS-proxyarp->director->defgw).

Or if you can push the packet from the bridging code into the IP code it may
also work. This implies patching the kernel.

Radu-Adrian Feurdean
mailto: raf @ chez.com
----------------------------------------------------------
"The use of COBOL cripples the mind; its teaching should,
therefore, be regarded as a criminal offense." (Dijkstra)
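
The LVS-NAT flow quoted at the top of this message, modelled as an added example that is not part of the original thread: the client only accepts a reply whose source is the address it connected to, so a reply that bypasses the director (RIP->CIP) is rejected while one that is rewritten on the way out (VIP->CIP) is accepted. The addresses, port numbers and the `Director`/`Client` classes are constructed for illustration and are not LVS code.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")

# Constructed sample addresses (documentation ranges), not from the thread.
CIP, VIP, RIP = "192.0.2.10", "203.0.113.1", "10.0.0.2"

class Director:
    """Toy LVS-NAT director: rewrite dst inbound, rewrite src outbound."""
    def __init__(self, vip, realservers):
        self.vip, self.realservers, self.conns = vip, realservers, {}

    def inbound(self, pkt):
        # CIP->VIP becomes CIP->RIP; remember the flow so replies can be undone.
        rip = self.realservers[len(self.conns) % len(self.realservers)]
        self.conns[(pkt.src, pkt.sport, rip, pkt.dport)] = self.vip
        return pkt._replace(dst=rip)

    def outbound(self, pkt):
        # RIP->CIP becomes VIP->CIP only if the reply belongs to a tracked flow.
        vip = self.conns.get((pkt.dst, pkt.dport, pkt.src, pkt.sport))
        return pkt._replace(src=vip) if vip else pkt

class Client:
    """Tracks open connections by 4-tuple, as a TCP stack does."""
    def __init__(self, ip):
        self.ip, self.sockets = ip, set()

    def connect(self, sport, dst, dport):
        self.sockets.add((self.ip, sport, dst, dport))
        return Packet(self.ip, sport, dst, dport)

    def accepts(self, pkt):
        # A reply matches only when its source is the address we connected to.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.sockets

def realserver_reply(pkt):
    # The realserver answers whatever source it saw: RIP->CIP.
    return Packet(pkt.dst, pkt.dport, pkt.src, pkt.sport)

def run(reply_via_director):
    director, client = Director(VIP, [RIP]), Client(CIP)
    request = client.connect(40000, VIP, 80)            # CIP->VIP
    reply = realserver_reply(director.inbound(request))  # RIP->CIP
    if reply_via_director:                               # director is the default gw
        reply = director.outbound(reply)                 # VIP->CIP
    return reply, client.accepts(reply)

if __name__ == "__main__":
    for via in (True, False):
        print("via director" if via else "direct", *run(via))
```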