
Re: LVS-NAT [Local Loopback Problem]

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT [Local Loopback Problem]
From: Roberto Nibali <ratz@xxxxxxxxxxxx>
Date: Wed, 24 Dec 2003 10:02:20 +0100
Hi,

> Hello guys, merry christmas~ 

Thank you, the same to you.

> My problem is that web connection from the director is not working...
> For example...
> The web connection from 10.0.0.30(external host) to 192.168.0.2 is well 
> done...
> (when lynx 10.0.0.72 at 10.0.0.30)
> However, when I try web connection from director(10.0.0.71 host)...
> It is always connected to 10.0.0.71 instead of 192.168.0.2...

Well, if you do a lynx -dump http://10.0.0.72:80/ from the director you
experience the problem Horms has described correctly.

> I want to connect to 192.168.0.2 at 10.0.0.71...

This will of course work if you do a lynx -dump http://192.168.0.2:80/ .

> How can I solve this problem...?

So, do you want to connect from the director to the RS using either

lynx -dump http://10.0.0.72:80/             or
lynx -dump http://192.168.0.2:80/

I am inclined to say that the first might be possible with some network
quirks, however as soon as you have multiple RS this won't work anymore.
Basically you could modify the routing rules on the director for locally
generated packets and add a new routing table entry. You then probably
need a back-route entry on the RS. Something along the lines (never
tested and it will most probably not work, it's just an idea) of
(assuming 192.168.0.1 is eth1):

On director:
------------
ip rule add from 127.0.0.0/8 to 10.0.0.72/32 lookup 44 pref 100
ip route add default via 192.168.0.1 dev eth1 table 44

On RS:
------
ip rule add from 192.168.0.1/32 lookup 34 pref 100
ip route add default via 192.168.0.1 src 192.168.0.2 dev eth0 table 34

or you add a new secondary IP to the director:

On director:
------------
ip addr add 10.0.0.80/32 brd + dev eth1
ip rule add from 127.0.0.0/8 to 10.0.0.72/32 lookup 44 pref 100
ip route add default via 192.168.0.1 src 10.0.0.80 dev eth1 table 44

On RS:
------
ip rule add from 10.0.0.80/32 lookup 34 pref 100
ip route add default via 192.168.0.1 dev eth0 table 34

Both versions are highly doubtful to work but it gives you ideas. In
case of multiple RS you would need to either do bounce table walking or
you add round robin routes to the respective RSs.

I wouldn't recommend trying to modify the kernel to allow the first lynx
example to work. You might end up hindering other services from working,
local DNS comes to mind ... . Why do you want to have this work, btw?

If you're interested in digging the code, have a look at
check_for_ip_vs_out(), called first in ../netfilter/ip_fw_compat.c to
steal IPVS related packets away from the netfilter engine, in
../ipvs/ip_vs_core.c.

Then follow ip_vs_out() in the same file and from there on I wish you
good luck :)

Best regards,
Roberto Nibali, ratz
-- 
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
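
An added example, not part of the original message: a small model of how the Linux routing policy database walks `ip rule` entries in ascending preference, applied to the director's pref 100 rule and table 44 from the message. The contents of the local and main tables, the eth0 interface name, and the question of whether the VIP 10.0.0.72 is a local address on the director are assumptions constructed for illustration.

```python
import ipaddress as ip

def net(cidr):
    return ip.ip_network(cidr)

def lookup_table(table, dst):
    """Longest-prefix match inside one table; None if no route covers dst."""
    hits = [(prefix, route) for prefix, route in table if dst in prefix]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def rpdb_lookup(rules, tables, src, dst):
    """Walk rules by ascending pref; the first table that yields a route wins.
    A matching rule whose table has no route for dst falls through to the next rule."""
    src, dst = ip.ip_address(src), ip.ip_address(dst)
    for pref, frm, to, name in sorted(rules, key=lambda r: r[0]):
        if src in frm and dst in to:
            route = lookup_table(tables[name], dst)
            if route is not None:
                return pref, name, route
    return None

ANY = net("0.0.0.0/0")

# Director rules: the kernel's default local/main rules plus the
# pref 100 rule quoted in the message.
RULES = [
    (0, ANY, ANY, "local"),
    (100, net("127.0.0.0/8"), net("10.0.0.72/32"), "44"),
    (32766, ANY, ANY, "main"),
]

def tables(vip_is_local):
    # Constructed tables (assumption): the director owns 10.0.0.71 and,
    # when vip_is_local is True, also the VIP 10.0.0.72.
    local = [(net("127.0.0.0/8"), "local"), (net("10.0.0.71/32"), "local")]
    if vip_is_local:
        local.append((net("10.0.0.72/32"), "local"))
    return {
        "local": local,
        "44": [(ANY, "via 192.168.0.1 dev eth1")],  # from the message
        "main": [(net("10.0.0.0/24"), "dev eth0"),  # eth0 is assumed
                 (net("192.168.0.0/24"), "dev eth1")],
    }

if __name__ == "__main__":
    for vip_local in (True, False):
        result = rpdb_lookup(RULES, tables(vip_local), "127.0.0.1", "10.0.0.72")
        print("VIP local:", vip_local, "->", result)
```

In this model, the pref 100 rule is only consulted when the local table at pref 0 has no route for 10.0.0.72; on a real director, `ip route get` shows the kernel's actual decision.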
