On Wed, 11 Oct 2006, Hoffman, Jon wrote:
> I have two networks that are physically located in different locations (let's
> say city X and city Y). In city X we have our web servers, run by our team
> there. In city Y we have our load balancer that we are trying to set up as a
> demo to show how LVS works. We can not set our default gateway of our web
> servers to be the load balancer because we are trying to test LVS and can
> not take our web servers out of production to test a new load balancer. And
> we want to see the load balancing working with our present servers.
>
> What is happening is our client makes a request to our load balancer, the
> load balancer (ldirectord) sends the request to our web server and the web
> server responds directly back to the client, who has no idea why that
> server is sending the packet to it.

You've got to let the director do its job (and you aren't).
In LVS-NAT the packets need to go back through the director.
Your webservers are accepting packets directly from the
internet and from the director. The realservers don't know
how to differentiate the replies - do they send the packets
to the director or to the router. If you could arrange for
the director to accept a slice of the internet (say
200.x.x.x or some network you have local to the director),
then you could set up routing for the realserver to send all
replies to 200.x.x.x through the director.
You can't use LVS-DR as the realservers aren't on the same
segment.
You can use LVS-Tun, but then you need realservers with
tunneling, and the routers at city X,Y need to allow out
packets from the VIP, which despite Malcolm's concerns, you
should be able to do if you pay the bills.
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
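
Added example, not part of the original thread: a small Python model of the LVS-NAT packet path discussed above, showing why the client rejects a reply that bypasses the director and why routing a slice of client addresses back through the director fixes it for that slice only. All addresses, ports and names are constructed (documentation ranges) and are assumptions, not values from the poster's networks.

```python
import ipaddress

# Constructed addresses; none of these come from the thread.
VIP = "203.0.113.10"          # virtual IP on the director (city Y)
RIP = "192.0.2.20"            # realserver / web server (city X)
TEST_NET = ipaddress.ip_network("198.51.100.0/24")  # client slice routed via director

class Director:
    """LVS-NAT: rewrite dst VIP->RIP inbound, src RIP->VIP on the way back."""
    def __init__(self):
        self.conns = {}       # (client_ip, client_port) -> (vip, vport)

    def inbound(self, pkt):
        self.conns[(pkt["src"], pkt["sport"])] = (pkt["dst"], pkt["dport"])
        return dict(pkt, dst=RIP)

    def outbound(self, pkt):
        vip, vport = self.conns[(pkt["dst"], pkt["dport"])]
        return dict(pkt, src=vip, sport=vport)

def realserver_reply(pkt):
    # The realserver answers from its own address (the RIP), not the VIP.
    return {"src": pkt["dst"], "sport": pkt["dport"],
            "dst": pkt["src"], "dport": pkt["sport"]}

def client_accepts(request, reply):
    # A TCP client only accepts segments matching its connection's 4-tuple.
    return ((reply["src"], reply["sport"], reply["dst"], reply["dport"]) ==
            (request["dst"], request["dport"], request["src"], request["sport"]))

def default_gateway_only(dst):
    return False              # every reply leaves via the normal router

def slice_via_director(dst):
    return ipaddress.ip_address(dst) in TEST_NET

def simulate(client_ip, route_via_director):
    """Return (client accepted reply?, source address the client saw)."""
    director = Director()
    request = {"src": client_ip, "sport": 40000, "dst": VIP, "dport": 80}
    reply = realserver_reply(director.inbound(request))
    if route_via_director(reply["dst"]):
        reply = director.outbound(reply)   # un-NAT restores VIP as source
    return client_accepts(request, reply), reply["src"]

if __name__ == "__main__":
    print(simulate("198.51.100.7", default_gateway_only))  # reply bypasses director
    print(simulate("198.51.100.7", slice_via_director))    # reply returns via director
    print(simulate("198.18.0.9", slice_via_director))      # client outside the slice
```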