|
On Wed, Oct 04, 2000 at 06:48:22PM +0000, K. M. wrote:
> Three questions:
> --can LVS be used as a combined load balancer/firewall, since you're using
> ipchains already, or is ipchains on a separate box recommended?
Yes, ipchains packet filtering can happly work in conjunction with LVS.
> --can you place a single box that *doesn't* need load balancing behind the
> LVS box? Not sure how would work, if the LVS box always represents just one
> IP.
Yes, the LVS box can act as a router as well as a load balancer.
> --is LVS a good choice for the following configuration?
>
> Requirements: 3 webservers, need to be load balanced; 1 database server, not
> part of the load-balancing cluster; all servers are colo and need to be
> firewalled and accessed remotely
>
> ME
> |
> |
> (internet)
> |>public network
> |
> data center router
> |
> firewall
> |
> switch >private network #1?
> | |---------------------------|
> -------------- |
> | | database server
> LVS primary LVS backup
> web1 web2 web3 >private network #2?
>
> This diagram is just a draft. If the LVS box can serve as a firewall and the
> db box can go behind it, so much the better.
I would say that would work quite well.
You will probably to use LVS-NAT for the web servers.
Take a look at the following for one way to do this with
a primary and backup Linux Director.
http://ultramonkey.sourceforge.net/ultramonkey-1.0.1/topologies/topology-ha-lb-4.html
http://ultramonkey.sourceforge.net/ultramonkey-1.0.1/topologies/example-ha-lb-4.html
In terms of the data base server, you will just have to set up the
networking/ipchains apprpriately to allow this to or not to send and
receive traffic to and from the outside world.
--
Horms
|
