|
Joseph Mack PhD, High Performance Computing & Scientific Visualisation
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007 Federal
Infrastructure Contact-Ravi Nair 919-541-5467 - nair.ravi@xxxxxxx,
Federal Visualization Contact - Joe Retzer, Ph.D. 919-541-4190 -
retzer.joseph@xxxxxxx
lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx wrote on 05/04/2005 03:34:08
PM:
> Most of the setups I see describe a layered approach:
>
> firewall
> |
> lb (lvs director)
> /|\
> http servers
>
> Is there any technical advantage to separating the
> firewall and lb onto
> different pieces of hardware? Is it a requirement?
It was till recently. The director is a specialised router
and its own idea of routing bypassed attempts by netfilter
to affect the routing of packets. This has been mostly fixed
so that the director looks like a normal node now, but you
still have to keep your head on straight. See the howto for
making your director a firewall
Joe
|
