At 08:09 AM 7/29/00 +0800, Gong Wei wrote:
>One of the practical application in our environment is for network
>management purpose. We have a group of management server, however, for load
>sharing/HA purpose I would like to let all of them appear as a single IP.
>
>The way the overall system works is that whenever there is a link state
>change on the edge switch port (connect/disconnect a pc/notebook to the
>switch port, for instance), a trap will be sent to the management server,
>which contains important info like the location of the switch, MAC address
>of the client, etc. These information will be used later to generate audit
>reports.
>
>Unfortunately currently there is no way to send certain packets to all real
>server, so unless the subsequent packets from the *client* (not the switch)
>happended to reach the real server, or else ....
This is obviously against what LVS trying to accomplish -- reduce
the load to each server. You are looking for a load "multiplier" which
should be implemented in your application to sync their data, rather
than using LVS to do that.
>Obviously I could use persistence feature with 0.0.0.0 as the netmask, but
>this doesn't sounds like a neat solution ...
>
>The "security/flooding" concern something valid as not every system
>administrator knows what they are doing :-)
>
>This is just one particular instance whereby I found LVS doesn't fit into
>the picture nicely. In other situations especially WWW/FTP, it works really
>nice!
>
>-----Original Message-----
>From: Ted Pavlic [mailto:tpavlic@xxxxxxxxxxx]
>Sent: Saturday, July 29, 2000 4:28 AM
>To: Joseph Mack; Brian Edmonds
>Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Subject: Re: [Q]Send certain packet to *ALL* real server
>
>
> > I take it just having the DNS on the real-servers as secondaries to the
> > master machine independant of the LVS just doesn't fly?
> > I don't know how NOTIFY works. How does a primary machine NOTIFY
> > secondaries? From what I know from setting them up, the primaries don't
> > push, they respond to requests.
>
>The primary servers do send notifies to the authoritative secondary servers
>(i.e., all of the NS records in a domain).
>
>The notifies don't push information, they simply tell the secondaries that
>it is time to pull information for domain-X. They basically force the
>authoritative secondaries to do a zone transfer before their zone
>information has expired.
>
>It would be useful to be able to send one notify to all servers at one time
>thus causing all of them to go and pull all of their information
>immediately...
>
>BUT... I'm not quite sure how RFC it is to have DNS behind an LVS. Any
>thoughts on this?
>
>However -- I'm sure there are other uses for having the ability to send a
>packet to all real servers at once... I just can't think of any right now...
><?>
>
>Personally I don't know if it would be worth the hassle. And I think I'd be
>worried about security... that is -- I'd be worried that someone could flood
>all of my real servers at once. That wouldn't be cool.
>
>
>
>
|