|
you can (probably) solve it by defining another cluster on the director,
which vip is on the same ip subnet and phisical interface of the director as
the realservers, and which contains the same realservers as the main
cluster. the realservers will be able to connect to the internal VIP . i use
such setup to connect from one group of servers behind lvs cluster to
another group, both groups are on the same subnet, behind the same director.
to make this work, you should follow
http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO.LVS-NAT.html#o
ne_network
to the letter , otherwise this will not work.
Alex.
----- Original Message -----
From: "Stephan Wonczak" <Wonczak@xxxxxxxxxxxxxxxx>
To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, February 11, 2003 5:59 PM
Subject: Re: Accessing lvs service from the NAT router
> On Tue, 11 Feb 2003, Malcolm Turnbull wrote:
>
> > Stephan Wonczak wrote:
> >
> > > Question: Is it possible to connect to a lvs service from the
router?
> > > Or if not, why? If it is not, the it would be quite a showstopper for
> > > the application we have in mind; the web server is just a test to
verify
> > > that our cluster is working correctly.
>
> Hi Malcolm!
>
> Wow, that has to be the quickest answer I ever got from a product
> specifig mailing list!
>
> > Sorry , can you explain that a bit more ?
>
> I think there is no need, you seem to have gotten my thrust right
> already. But I will gladly give a little more background (see below)
>
> > The LVS (is that what you mean by router)
>
> I used the term LVS for the cluster as a whole; by router I meant the
> machine that is playing the director/load balancer.
>
> > cannot connect to its own VIPs
>
> *grumble* This is exactly the answer I did not want to hear....
>
> > , but it can connect to the RIPs on the web servers in the cluster.
>
> Yes, this works fine. Of course :-) (like I said in my original mail,
> the virtual web server is up and running OK)
>
> > You can use mon,keepalived or ldirectord to monitor the real servers in
> > your cluster.
> >
> > If you want to monitor the VIPs then use a monitoring device outside
> > your network or inside as well if you want..
>
> Hmmm... But this is not the reason for trying to connect to the VIP's
> from the router itself (although I can see that, too. Big Brother comes to
> mind here)
> What we actually are trying to do is the following. We have set up a
> HA-Cluster using RedHat AS 2.1 using their cluadmin software package.
> Additionally, this HA-cluster should serve as a NAT router for the real
> nodes of a LVS cluster. The main service running on the HA cluster is a
> mail server. We planned to do the virus checking on the processed emails
> on a load balanced cluster using LVS.
> So the upshot is that the mail server running on the NAT router needs to
> connect to the VIP of the virus scanner, simply to get the emails checked.
> If this setup is impossible, we would have to deploy a second HA cluster
> simply to do the routing, which seems like a bit of an overkill. (nb. it
> is not an option to run the router on the second HA-cluster sibling (where
> no mail server is running), because when this fails, we would be left with
> a nonfunctioning setup)
> I hope this clear up a little mor what we are trying to do. Thanks for
> your help!
>
> Dipl. Chem. Dr. Stephan Wonczak
> Institut fuer Angewandte Informatik (ZAIK)
> Regionales Rechenzentrum der Universitaet zu Koeln (RRZK)
> Universitaet zu Koeln
> Robert-Koch-Strasse 10
> 50931 Koeln
> Tel: ++49/(0)221/478-5577
> Fax: ++49/(0)221/478-5590
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> .
|
