|
yeah, I mean in my mind it seems logical but yet it's still not working,
so I'm sure I'm missing something.
-jeremy
On Fri, 22 Sep 2000, tc lewis wrote:
>
> does the "ip" command not have this functionality?
> to setup special routing from the real servers.
> then if you want to use your balancer as a nat server at the same time i
> don't see why that wouldn't work as long as the traffic has nothing to do
> with the load balanced traffic, but maybe there is actually a problem
> there and you would need a separate machine for nat/masquerading.
>
> -tcl.
>
>
> On Fri, 22 Sep 2000, Jeremy Hansen wrote:
>
> >
> > Ok. Here's a layout of basically how it setup
> >
> >
> > internet
> > |
> > 64.204.99.1 (network providers router)
> > |
> > switch
> > |
> > real server 1 lvs machine real server 2
> > RIP (10.100.50.247) RIP (64.204.99.249) RIP (10.100.50.246)
> > lo:0 (64.204.99.240) VIP (64.204.99.240) lo:0
> > (64.204.99.240)
> > default gw 64.204.99.1 default gw 64.204.99.1
> > static arp entry static arp entry
> > for the router, for the router,
> > 64.204.99.1 64.204.99.1
> >
> > real server 3 (which is not to be load balanced)
> > RIP (10.100.50.245)
> >
> > The problem is real server 1,2,3 cannot get to the internet which is a
> > requirement. Basically because these machines don't really have a real ip
> > address at all, so for them to get out, they need to be NAT's at some
> > point.
> >
> > What I thought you be possible is to set up a route or some type of rule
> > that says if traffic originates from 10.100.50.0/24, instead of using the
> > default gw, 64.204.99.1, go through 64.204.99.249 and be masqeraded, but
> > at thew same time if traffic originates from elsewhere and gets passed
> > from the LVS machine's VIP, then use the default gw and use DR instead.
> >
> > So I could masq and use DR for important traffic all at the same time.
> >
> > I hope this clears things up. My original email was pretty misleading.
> >
> > Thanks
> > -jeremy
> >
> >
> >
> > On Fri, 22 Sep 2000, Joseph Mack wrote:
> >
> > > On Fri, 22 Sep 2000, Jeremy Hansen wrote:
> > >
> > > >
> > > > I have a situation where I'm using DR, but I need to NAT *some*
> > > > traffic.
> > > >
> > > > I have the lvs server setup with real ip's, but all the real servers are
> > > > using internal addresses. I'm using DR, so the real servers are
> > > > actually
> > > > using the real ip of my upstream providers router, I'm statically
> > > > assigning the mac address of the router to the real servers.
> > >
> > > I don't understand the last two sentences. (I assume the router is the box
> > > connecting your public network to the ISP). But lets put that aside for
> > > the moment.
> > >
> > > The VIP is a routable IP, so clients on the internet can send packets to
> > > the LVS. The real-servers will also have the VIP on them, so they can send
> > > replies to the client. The RIPs on the real-servers and the network
> > > connecting the director to the real-servers can be anything you like,
> > > including non-routable IPs (ie 192.168.x.x).
> > >
> > > Can you explain your problem again saying why this framework won't work
> > > in your case.
> > >
> > > Joe
> > >
> > > --
> > > Joseph Mack mack@xxxxxxxxxxx
> > >
> > >
> >
> > eholes.org * jeremy@xxxxxxxxxx
> > -----------------------------------------
> > eholes have feelings too...
> >
> >
> >
> >
>
>
eholes.org * jeremy@xxxxxxxxxx
-----------------------------------------
eholes have feelings too...
|
