LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: LVS-NAT + ssh port forwarding

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: LVS-NAT + ssh port forwarding
From: Fridiric <defdef@xxxxxxxxxxxxxxxxx>
Date: Thu, 06 Jan 2000 09:48:07 +0100
Wensong Zhang wrote:
> 
> Fridiric wrote:
> >
> > Hi,
> >
> > I wonder if it would be possible to use LVS-NAT to load-balance
> > virtual-IPs to ssh-forwarded real-IPs ?
> >
> 
> Sorry, I don't understand the meaning of ssh-forwarded real-IPs. Ssh
> is usually doing the encryption on the application-layer. Or, are you
> mentioning the CIPE?
> 

Ssh can also be used to create a local access that is forwarded to a
remote access throught the ssh protocol. For example you can use ssh to
securely map a local acces to a remote POP server:

local:localport ==> local:ssh ~~~~~ ssh port forwarding ~~~~~ remote:ssh
==> remote:pop

And when you connect to local:localip you are transparently/securely
connected to remote:pop

> Yeah, you can use VPN (or CIPE) to map some external real servers into
> your private cluster network. If you use LVS-NAT, make sure the
> routing on the real server must be configuration properly so that the
> response packets will go through the load balancer to the clients.

I think that it is'nt necessery to have the default router to the load
balancer when using ssh because when the RS address is the same that the
VS address (differents ports)

> 
> Wensong
> 
> > Example:
> >                                - VS:81 ---- ssh ---- RS:80
> >                               /
> > INTERNET - - - - > VS:80 (NAT)-- VS:82 ---- ssh ---- RS:80
> >                               \
> >                                - VS:83 ---- ssh ---- RS:80
> >
> > The main idea is to allow RS in differents LANs.
> >
> > freD.
> >

----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>