On Thu, 12 Oct 2000, Steve Gonczi wrote:
> Joseph,
Hi Steve,
these are all general questions, so a good place to post them is
the mailing list. I've cc'ed the list in case anyone wants to add anything
> If you have a DR configuration, what sort of IP address would you
> typically use for your "external" interface of a content server?
>
> a) One of the Virtual Ip addresses the server services.
> b) Some other little advertised, but otherwise good and routable
> IP address (other than one of its Virtual IP-s)
> c) Some non-routable address
your nomenclature is different to ours. if (content server==real-server)
you must set up routing so that a packet with src=VIP,dest=clientIP
can get from the real-server to the router. the routing is the important
thing. the IPs are only there to satisfy the routing requirements.
> My understanding of the typical configuration:
>
> 1) LVS and Content servers need 2 interfaces each
an LVS can be set up with 1 NIC on each machine.
> 2) All virtual IP addresses handled by e specific content server
> are aliased onto the loopback interface.
the most often used setup, but not neccessary (see the HOWTO)
> 3) The ingress interface of LVS is connected to the outside world,
the LVS is the whole setup, ie the director and the real-servers. If you
are talking about the NIC on the director that is connected to the router
on a 2 NIC director
> and has all Virtual IP-s serviced by the cluster plus its own unique
> routable address aliased onto it.
it doesn't need any other IP on it, only the VIP is needed. For security
reasons it is probably better to not have any other IPs on it.
> 4) The Egress interface of LVS is connected to an internal private net and
> has a
> non-routable address.
if you mean the NIC on a 2 NIC director that connects to the real-servers,
it can have a non-routable address.
> 5) The ingress interface of each content server is connected to an internal
> private net and has a non-routable address.
yes
> 6) the egress interface of a content server is connected to the outside
> world and
> has a ??? address...
you dont need 2 NICs on the real-servers
Joe
--
Joseph Mack mack@xxxxxxxxxxx
|