Hello,
On Sun, 14 Jan 2001, Joseph Mack wrote:
> Julian Anastasov wrote:
>
> > I don't have problems using one NIC with masquerading. The trick
> > is both ends not to have direct routes (not to share same logical
> > networks), the routes must point to the masq box.
>
> About the send-redirects problem again.
>
> (Assuming the client is directly connected
> to the director, ie no router between the director and client)...
Yes, physically connected but they don't share logical connection,
i.e. both hosts use the masq box to reach the other end. For example:
MASQ box:
eth0: 10.0.0.1
eth0:0 10.0.0.100 VIP
eth0:1 192.168.0.1
*/send_redirects=0
Real server:
eth0: 192.168.0.2
def gw 192.168.0.1
Client:
eth0: 10.0.0.3
LVS Request:
10.0.0.3 -> 10.0.0.100
>
> In the HOWTO I tell people not to set up the real-servers
> and client on the same network, to prevent the real-server
> connecting directly to the client.
Yes, they don't need LVS/NAT for directors with one interface
but it should work if LVS/DR is not suitable for some user needs.
>
> Is this the problem being addressed here? i.e.
> so that people can have their real-servers and client on the same network.
Yes, I didn't tested this exotic setup with LVS/NAT but
configurations with masquerading between physically connected (but
not logically connected) networks works when send_redirects is 0.
> Joe
Regards
--
Julian Anastasov <ja@xxxxxx>
|