| Hi.   I have 2 directors (active/active), running with 
keepalived. behind them are 4 real servers, running nt (yaicccssss, didn't have 
a choice...). The directors have 2 vip's , each each directed (lvs-nat) to 
pair to realservers, each pair provides separate functions, working great, no 
problem here. all the realservers are on the same network 10.0.0.0/24. Now, 
i need to access from a server in pair 1 to a server in pair 2, and i need to do 
that through some highly available point (not though connecting to one of the 
servers directly, but through some vip on the internal network). Now, i am 
trying to understand how this would work. Tried lvs-nat, establishing vip 
10.0.0.x on the director, but it didn't work, and on second throught it seems 
that for lvs-nat to work, there has to be routing ? so vip and real 
servers must be in different ip subnets ?   Is there a way to fulfill this requirement though 
lvs-nat ? if not, will dr do the trick ?   and another question - i am using the directors 
aslo as iptables firewalls, so right now the sync daemon is useless to me 
(during failover ip_conntrack data is not updated, so the state sync for lvs is 
useless). Are there plans to include iptables sync into lvs sync ?   Thank you. Alex |