Re: problems getting direct routing to work

To:	Horms <horms@xxxxxxxxxxxx>
Subject:	Re: problems getting direct routing to work
Cc:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From:	Donald Ball <balld@xxxxxxxxxxxxxxx>
Date:	Sun, 9 Apr 2000 23:19:09 -0400 (EDT)

On Sun, 9 Apr 2000, Horms wrote:

> On Sun, Apr 09, 2000 at 04:16:25PM -0400, Donald Ball wrote:
> > Hi. I'm using LVS in the guise of piranha-0.4.12-1 on RedHat Linux 6.2.
> > I've successfully gotten LVS working through NAT, hurrah, but I'm planning
> > on hosting about 75 different web sites in my new LVS farm and I'd rather
> > not have to maintain three seperate apache configuration files. I'm
> > inclined to go with direct routing instead of NAT, but I cannot make it
> > work. To make things easy, I'm working with two nodes.
>
> Is the dafault route for the back-end server (johnny) through 
> the IPVS server (susan). While this is a requirement for
> NAT to function correctly, I believe that the version of IPVS
> that ships with RH6.2 does not support the router being the
> default gateway using direct routing. The problem is that the
> return packets from the back-end servers have a source address
> of one of the IPVS server's interfaces so it is deemed to be
> a spoof and is dropped. 
> 
> Julian Anastasov was working on a fix to this problem but
> I am not sure what the status on this is.

No, the default route is straight out the public ethernet interface to the
main office router. I actually was able to fix things per the instructions
on this page:

http://linuxvirtualserver.org/arp.html

I added these rules to the ipchains configuration on the real server:

ipchains -A input -j REDIRECT -d 206.66.49.220 -p tcp
ipchains -A input -j REDIRECT -d 206.66.49.220 -p udp

(206.66.49.220 is the virtual ip address, of course)

and everything started working fine. It's a tad onerous to create the
rulesets for all of the virtual ip addresses, but much simpler than
maintaining 'n' seperate copies of the apache configuration file, so I'm
happy.

Another conf question - is there any technical problem with having a two
node direct routing lvs cluster, where the web servers run on the same
machines as the primary and secondary load balancing routers? that's not a
configuration i'm planning on using, mind you, i'm just idly curious if
that's an effective solution for those with low budgets.

- donald

<Prev in Thread]	Current Thread	[Next in Thread>
problems getting direct routing to work, Donald Ball Re: problems getting direct routing to work, Horms Re: problems getting direct routing to work, Joseph Mack Re: problems getting direct routing to work, Donald Ball <= Re: problems getting direct routing to work, Horms Re: problems getting direct routing to work, Donald Ball Re: problems getting direct routing to work, Horms Re: problems getting direct routing to work, Joseph Mack Re: problems getting direct routing to work, Julian Anastasov Re: problems getting direct routing to work, wanger

Previous by Date:	Re: problems getting direct routing to work, wanger
Next by Date:	Re: problems getting direct routing to work, Horms
Previous by Thread:	Re: problems getting direct routing to work, Joseph Mack
Next by Thread:	Re: problems getting direct routing to work, Horms
Indexes:	[Date] [Thread] [Top] [All Lists]