On 1999-09-22T10:15:57,
"Stephen D. Williams" <sdw@xxxxxxx> said:
> In the general case we will have to solve this another way.
Right. But adding a netmask to the template entry would be a solution which is
quite simple and could be used to circumvent this problem.
> I had been trying to reconcile the performance and simplicity of LVS/DR with
> the
> need sometimes to have layer-3 routing. I realized while explaining the
> problem
> to someone yesterday that the appropriate solution is to allow LVS/DR to do
> fast
> load balancing to another layer that handles the layer-3 routing when needed.
> For
> this second layer you could use a modified Squid.
What I would like to see/do is to have the initial decision where the
connection should go handled by a user level process which would do the TCP/IP
handshake and snoop the request (if it deems that this is necessary), then
create the real connection to the server and add a "fast forwarding" entry to
the masquerading table so all further packets do not go through the
application.
The hard part here is "replaying" the connection establishment to the real
server after the client has already established a session. I think these kinds
of hack will be easier with iptables.
Sincerely,
Lars Marowsky-Brée
--
Lars Marowsky-Brée
Network Management
teuto.net Netzdienste GmbH
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|