|
On 2000-05-11T15:32:14,
Stephen Zander <gibreel@xxxxxxxxx> said:
> Lars> The new fw-mark stuff should bypass this problem too, no?
> I don't see how. The problem is the director's handling of packets
> from the realserver that have source addresses the director thinks it
> owns. That doesn't go away just because you're performing finer grade
> load-balancing on incoming packets (packets travelling outside source
> -> director -> realserver).
It does.
Because with the fw-mark stuff, the load balancer doesn't have to have that
interface any more.
> Remember, this issue only ever occurs when doing IP-DR with the
> director as a gateway for the realserver.
Thanks for re-explaining this to me. I haven't been watching this project for
too long and also don't have a clue about networking nor Linux, so I must have
missed that.
> Whether you should just suffer through the additional overhead of NAT in
> such a situation is left as an exercise for the reader. :)
You may not wish to use NAT for different reasons.
Sincerely,
Lars Marowsky-Brée <lmb@xxxxxxx>
Development HA
--
Perfection is our goal, excellence will be tolerated. -- J. Yahl
|
