|
Hello,
On Mon, 22 Apr 2002, Joseph Mack wrote:
> > > ->(Does this help for the director?)
> >
> > iptables should see packets when proxy ARP is used. Can
> > you explain what you mean?
>
> in
>
> http://www.tldp.org/HOWTO/Adv-Routing-HOWTO-16.html#ss16.1
>
> it says that iptables doesn't see bridged packets.
True, but the "bridged", not the packets when proxy ARP is used.
> My original idea was to send packets from the realservers in LVS-DR through
> a bridging director, to solve the martian problem. The reply I got was that
Possible if you are using Linux Bridging and not proxy ARP.
The real servers should use the uplink router IP as GW.
> the director would still see these packets as martians. Presumably the
> upper layers are looking at the IP addresses.
> > With the Linux Bridging Linux is fully functional Layer 2 Switch.
>
> will martian packets be bridged?
Yes
> > Joe, can you send me reference to this (date?), I remember
> > something similar we talked but don't remember the context. It is
> > true only for proxy ARP or for Bridging when DIP is used as GW IP,
> > see below:
>
> it was a long time ago. I've restated my question above and we can start
> again if you like. It looks like new bridging code has arrived since then,
> so we have a new situation anyhow.
No, may be we talked about proxy ARP
> so would this solve the martian problem?
>
> will this solve the problem of the original posting (allowing clients
> to access a server, while the server is being built into a working
> LVS without breaking service to the clients)?
Yes, if I understand correctly the goal. Serge Sozonoff may be
was one of the first who tried bridging for something like this. But
note that I don't see that the Bridging can help something to the LVS
setups. Remember, it is transparent. You can do the same without
bridging. As for the "martian" problem - the same: the real servers
should use the uplink router's IP as GW, if they use the DIP then
we have the same problem.
> Joe
Regards
--
Julian Anastasov <ja@xxxxxx>
|
