On Thu, Nov 02, 2000 at 08:21:33AM +0000, Julian Anastasov wrote:
> On Wed, 1 Nov 2000, Ard van Breemen wrote:
>
> > Explanation:
> > Machinelist:
> > MACHINE MAC Real-IP Virtual IP Director IP
> > router 0:d0:b7:26:b7:77 192.168.1.105/24
> > machine1 0:d0:b7:b5:4:22 192.168.1.159/24 192.168.16.2/24
> > 192.168.1.156/24
> > machine2 0:d0:b7:b5:6:c2 192.168.1.160/24 192.168.16.2/24
> > machine3 0:d0:b7:b5:3:e7 192.168.1.162/24 192.168.16.2/24
>
> Hm, your setup is very interesting.
>
> Here is my explanation why there is a problem with the
> normal setup, i.e. when the gateway resolves VIP with ARP, not
> your case. Your case requires using another logical network and
> this is not always possible when the gateway is under ISP
> control.
With good techies on both sides (we have chosen a good provider), and
of course Money :), the gateway (under control of the ISP) is
configured with our wishes....
> This is the explanation why your setup is working and the
> normal is not.
Thanks for re-assuring that we didn't miss things. I would hate to
find out that we missed something in a later stadium :).
Some investigation revealed however that in the normal setting up,
the real-servers can use the VIP on the ip level when connecting to
outside. Using the ip tool instead of ifconfig and route reveals why:
On every route we can define the preferred IP-source ourselves. In
this case somehow (with network IP reconfigurations, putting real-ip
(i.e. not the 192.168 range) addresses on the "primary" interface) the
VIP became the preferred source address. But reading the IP manual
revealed that setting up preferred source addresses is really easy:
ip route change ..... src realserver-ip. In the case we are setting
up it is not necessary because on the realserver, the kernel sees
that both the DIP and the VIP are secondary addresses of the primary
real-server ip and hence will not be used as source-ip. Only the
router will think that the VIP is not directly acccesible, but in fact,
every local system can reach it directly (in the same subnet).
Arping the VIP is not a problem now, but a mere tool to see which hosts
are up and useable for loadbalancing for that particular VIP :).
--
Ard van Breemen, T(elegraaf)E(lektronische)M(edia)
http://www.faqs.org/rfcs/rfc1855.html
**THIS E-MAIL MESSAGE IS VIRUS FREE BY COMPLYING TO THE ASCII STANDARD**
|