|
Hi there
> yes but you/I don't know the route of the ping. Is is going via
> the director or directly? I assume is that it is going directly,
> since this is the most common mistake setting up VS-NAT. If
> you've got all this correct, then I'll have to think again.
well, I think it's going through the router because the real servers
have 10.x.x.x addresses and have no clue of the outside world
(except through the router). but let's make a little test:
from inside $ lynx http://www.mydomain.com
from the www.mydomain.com logs ... yeah, it comes from the VS-NAT router
(200.200.200.10 - - [20/Sep/2000:16:18:48 -0300] "GET /" 200 2511)
good, it is the expected behaviour :)
> VS-NAT is different. It is possible to have a 1 NIC VS-NAT director
> in which case the client, director and real-server is on the same
> wire, but you have a 2 NIC director.
I'm using 2 NICs because ipportfw (which I'm preparing to replace)
doesn't like at all the 1 NIC approach. I'll try to see if it works
using plain eth0 aliases, though
> I haven't thought about the 2 NIC case for a while, but you can
> always configure an LVS to work if there is no connection between
> the client and the real-servers (except via the director). It's
> just easier to mess up if you have 2 NICs and all on the same wire.
ok. I also figured out what I was doing wrong. Redhat 6.2 has TWO
ipvsadm on the stock distribution. I upgraded to ipvsadm-1.11-4 from
ftp://people.redhat.com/kbarrett/ and got the test setup working
with 2 NICs and using the commands I post earlier. I also add two
new virtual FTP servers to the setup and they work as desired. great!
only one thing remain: if I get i.e. a ssh session openned without
interaction for a few minutes, it will hang. is this normal?
the commands that enable it
ipvsadm -A -t 200.200.200.10:22 -s rr
ipvsadm -a -t 200.200.200.10:22 -r 10.10.10.4:22 -m
Cheers
!3runo
|
