[lvs-users] Correct configuration for ARP on real servers.

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] Correct configuration for ARP on real servers.
From: israel@xxxxxxxx
Date: Tue, 18 Aug 2015 12:54:17 -0500

I just configured an environment of two LVS servers with three real 
servers, and it works fine ... in the same network. When we try to 
access the web server through the virtual IP from another network, 
suddenly it doesn't work, this noted in the fact that we can't access 
the VIP, but it still works in the same network. But, if I shutdown one 
of the servers, it works perfectly.

My configuration is Direct Routing. My doubt is in the ARP 
configuration. I read on section 6.8 at 
that the following commands must be executed to properly configure 
arptables on every real server:

# arptables -A IN -d $VIP -j DROP
# arptables -A OUT -s $VIP -j mangle --mangle-ip-s $RIP

But looking at RedHat documentation (I'm working with RHEL servers) 
mentions on section 3.2.1 at
that the configuration to use is:

arptables -A IN -d <virtual_ip> -j DROP
arptables -A OUT -d <virtual_ip> -j mangle --mangle-ip-s <real_ip>

So ... Austintek uses the VIP as a source on the OUT chain, but RedHat 
uses it as a destiny. Can anyone tell me what is the right 
configuration? And could it be the cause of my problem, not being able 
to access my balancers with three real servers from outside the network? 
Funny thing is, both configurations seem to work the same way, which one 
is correct?

Thanks in advance.


Please read the documentation before posting - it's available at: mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>