LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] LVS-NAT One network question..

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] LVS-NAT One network question..
From: "Benjamin Smith" <defitro@xxxxxxxxx>
Date: Tue, 22 Jul 2008 14:52:38 -0400
Recently I have begun exploring the use of LVS to provide HA Load balancers
for our internal middleware app layer.  The real servers that I require load
balancing for are on the same network as the director, the clients and in
one extreme case, the same machine on different ports.

Currently I have a very simple implementation without the use of HA
capabilities via keepalived.   The only way I could make it work was
outlined here:
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#one_networkwhich
instructs me to disable icmp forwarding on my director and set my one
and only route (default) on the real servers to the director.  This doesn't
feel right.  I believe I read correctly that if I need I can have individual
host routes to DBs, NFS, etc, is that correct?  That is still kind of a
pain, but eases it somewhat..

Is there another, less restrictive way to make LVS-NAT on one network work
smoothly?

Versions, etc:

Director Kernel: 2.6.18-53.el5 #1 SMP
ipvs: IP Virtual Server version 1.2.1 (size=4096)
keepalived: 1.1.15

keepalive.cf:

global_defs {
   notification_email {
        me@xxxxxx
   }
   smtp_connect_timeout 30
   ! Must be unique for every director
   lvs_id lvsdev01
}

! Setup virtual int
vrrp_instance vip_one {
        state MASTER
        interface eth0
        lvs_sync_daemon_inteface eth0
        virtual_router_id 51
        priority 150
        advert_int 1
        smtp_alert
        ! For other server connections
        !authentication {
        !        auth_type PASS
        !        auth_pass example
        !}
        ! VIP.
        virtual_ipaddress {
                10.10.240.132 dev eth0
        }
}

! Setup the virtual server for ipvs.
virtual_server 10.10.240.132 17000 {
    delay_loop 6
    ! Weighted Least Connections
    lb_algo wlc
    ! Servers will talk through me and I'll do the NATing.
    lb_kind NAT
    ! Main protocol will be TCP
    protocol TCP
    persistence_timeout 0
    ! Suspend on failure
    ha_suspend
    ! Real server
    real_server 10.10.240.48 17000 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 17000
        }
    }

    real_server 10.10.240.48 17001 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 17001
        }
    }
}


-- 
Benjamin Smith
http://www.just-another.net

<Prev in Thread] Current Thread [Next in Thread>