|
The ipchains/iptables REDIRECT method (introduced to this list by Mr Horms
a long time ago) works fine, we've used it in production in the past.
However, at -very- high packet loads it is far less CPU-efficient than
getting the ARP settings correctly working. The REDIRECT method was bogging
down our LVS boxes during peak traffic, something which does not happen with
doing it the 'right way' with LVS-DR and silent arp-less interfaces on the real
servers.
Jerry Glomph Black
International Man of Mystery
RealNetworks
On Fri, 6 Jul 2001, Noah Roberts wrote:
> Alison Smith wrote:
>
> > /proc/sys/net/ipv4/conf/all/hidden is set to 1 for the real-servers and 0
> > for the director.
>
> I don't know about the hidden thing your doing, but the ipchains (or iptables
> now) trick works great. Just send the real server the stuff for the VIP and
> make it redirect it. No arp problem because only the director actually
> responds to the VIP.
>
|
