RE: Question about LVS-DR setup

To:	"'djo@xxxxxxxxxxxxxxxxxxxxxx '" <djo@xxxxxxxxxxxxxxxxxxxxxx>, "''lvs-users@xxxxxxxxxxxxxxxxxxxxxx' '" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	RE: Question about LVS-DR setup
From:	Peter Mueller <pmueller@xxxxxxxxxxxx>
Date:	Mon, 17 Jun 2002 18:19:36 -0700

Sorry for the format, I'm using exchange web mail.  (at least it isn't HTML
.. I think...gulp)

You will need only one NIC, two preferably if you are running
LVS-NAT/masquarading.  The LVS code takes care of distributing it and
translating if you are doing LVS-NAT.  If you are using LVS-DR then you
should use public IPs.

If this comment doesn't explain the setup then please reply with a network
diagram / traffic flow of what you are thinking about.

Peter

-----Original Message-----
From: djo@xxxxxxxxxxxxxxxxxxxxxx
To: 'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'
Sent: 6/17/2002 3:31 PM
Subject: Re: Question about LVS-DR setup

On Mon, Jun 17, 2002 at 02:10:48PM -0700, Peter Mueller wrote:
> > If that is the case, how can that one interface both listen 
> > to incoming
> > requests on the public IP's subnet, let's say for the sake of
example
> > 66.111.111.111, and then send packets to a real server on the 
> > internal subnet,
> > for example 192.168.1.10?  Seems to me you can't do that 
> > without 2 NICs.
> 
> Once again the example you are talking about is LVS-NAT, _NOT_ LVS-DR
as you
> reference.  LVS-DR involves no NAT/masq/address translation and
generally is
> setup on a public IP range for convenience or simplicity.
> 
> You're trying to make this too complex.  It looks like you are very
much
> confusing LVS terms and jumbling your firewall setup in the middle for
kicks
> :P.  Get out notepad or visio and write down your setup, it will help.
Then
> I would proceed as follows...
> 
> 1.) setup LVS box for LVS-NAT using configure script from Joseph Mack.
Make
> sure you give the LVS box a public IP and a private ip.

But the basic question I have is unanswered even in the the lvs-nat
section
of the HOWTO: how is outside traffic supposed to get to a VIP configured
with a live network address if the actual ethernet interface is
configured
for a private subnet?  Or do I need 2 NICs?  But the HOWTO only mentions
one
NIC and one VIP...

> 2.) firewall requests going to the public IP to the LVS box if you
want;
> just make sure desired traffic actually gets there.  I would recommend
> starting with low or no security and after you get it working
strengthen
> your setup.
> 3.) drink a beer to celebrate :P

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Question about LVS-DR setup, (continued) Re: Question about LVS-DR setup, djo RE: Question about LVS-DR setup, Peter Mueller Re: Question about LVS-DR setup, djo Default gw for lvs-dr, djo Re: Question about LVS-DR setup, Hendrik Thiel Re: Question about LVS-DR setup, Joseph Mack Re: Question about LVS-DR setup, djo Re: Question about LVS-DR setup, Joseph Mack Re: Question about LVS-DR setup, djo Re: Question about LVS-DR setup, Joseph Mack RE: Question about LVS-DR setup, Peter Mueller <= Re: Question about LVS-DR setup, djo RE: Question about LVS-DR setup, Peter Mueller Re: Question about LVS-DR setup, djo

Previous by Date:	Default gw for lvs-dr, djo
Next by Date:	Re: Question about LVS-DR setup, djo
Previous by Thread:	Re: Question about LVS-DR setup, Joseph Mack
Next by Thread:	Re: Question about LVS-DR setup, djo
Indexes:	[Date] [Thread] [Top] [All Lists]