|
Hi,
The load balancer and the real servers must have one of their interfaces
physically linked by a HUB/Switch.
You have to configure your Realservers with public IPs. Use Iptables to deny
all direct Hits to your realservers ..
> I have configured my lvs as such:
>
> director (dr1) VIP: 66.111.111.116
> eth0: 192.168.1.5
VIP: 66.111.111.116
eth0:66.111.111.5
> realserver1 (rs1) VIP: lo0: 66.111.111.116
> eth0: 192.168.1.22
eth0:66.111.111.22
def gw: 66.111.111.1
>
> realserver2 (rs2) VIP: lo0: 66.111.111.116
> eth0: 192.168.1.23
eth0:66.111.111.23
def gw: 66.111.111.1
> using the following lvs-dr.conf:
>
> LVSCONF_FORMAT=1.1
> LVS_TYPE=VS_DR
> INITIAL_STATE=on
> CLEAR_IPVS_TABLES=yes
> VIP=eth0:116 lvs1 255.255.255.248 66.255.255.255
> DIP=eth0:241 dr1 192.168.1.0 255.255.255.0 192.168.1.255
> SERVICE=t http rr rs1 rs2
> SERVER_VIP_DEVICE=lo:116
> SERVER_NET_DEVICE=eth0
> SERVER_GW=192.168.1.244
> #----------end lvs_dr.conf------------------------------------
>
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 66.127.42.116 0.0.0.0 255.255.255.255 UH 40 0 0
> eth0
> 66.127.42.112 0.0.0.0 255.255.255.248 U 40 0 0
> eth0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0
> eth0
>
>
> I was not able to ping out. If I do route add default gw 66.111.111.113
> which is the gateway for the 66.111.111 subnet I am on it does not work.
So
> instead I did route add default gw 192.168.1.244 which is another box on
the
> local subnet running iptables/SNAT. Now I can ping out.
>
> On dr1 if I run tcpdump -ln host <some_client> and try to connect via the
> client I see nothing.
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
|
