|
If you are using a recent 2.2 kernel, you don't require a custom patch!
Just do the following:
echo "1" > /proc/sys/net/ipv4/conf/all/hidden
echo "1" > /proc/sys/net/ipv4/conf/lo/hidden
/sbin/ifconfig lo:0 virtual.server.ip.number netmask 255.255.255.255
This gives you a silent interface to which you can send LVS-DR traffic.
We have this in production on NUMEROUS boxes, it works flawlessly.
We used to use the 'Horms' method of ipchains-redirect, but on heavily
loaded boxes, there was an unacceptable CPU load, sometimes eating the
whole machine. The silent method has no discernable overhead.
Rod Rutherford in my dept., who's been working LVS since its crude early
days here, researched & figured out the above method.
Jerry Glomph Black
Director, Internet & Technical Operations
RealNetworks
Seattle Washington USA
On Mon, 24 Jul 2000, Jon Oringer wrote:
> I think I'll just patch the kernel -- then I don't have to worry about it at
> all!
>
>
> -----Original Message-----
> From: Joseph Mack [mailto:mack@xxxxxxxxxxx]
> Sent: Monday, July 24, 2000 6:50 AM
> To: Jon Oringer
> Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: ARP problem - do I have to deal with it in my case?
>
>
> On Sun, 23 Jul 2000, Jon Oringer wrote:
>
> > Do I still have to deal with the ARP problem?
>
> yes, but you don't neccessarily have to hide the VIP (see below).
>
>
> > can the client route to the realserver network if it is on a different
> class
> > C from the directors
> > VIP?
>
> it's the VIP on the realservers that's the problem.
>
> >
> > also -- the 5 Realservers are K2-550's... each one will handle 5Mbits.
> > the director is a Cel-500 -- is this enough power to handle the incoming
> > traffic that will be re-routed? I plan to use the TUNNEL method, not the
> > DR one...
>
> You don't have to hide the VIP on the realservers if you use the router
> to prevent arps for the VIP getting to the realservers. For VS-TUN this
> is called Lars' method in the HOWTO.
>
> Joe
>
> --
> Joseph Mack mack@xxxxxxxxxxx
>
>
>
>
>
>
|
