|
Hello,
On Sat, 25 Aug 2001, Cpunk wrote:
> I have kind of a strange requirement. I am trying to swap an appliance
> box with ipvs. One of the requirements to make this happen is to make
> ipvs work without making any changes to the servers or the clients. So
> here is the problem. I need to do VS-NAT when the VIP, RIP, and CIP are
> all on the same network. If I weren't using ipvs, and had only one server
One same LAN or on same IP network?
> the problem and the solution is:
> http://netfilter.samba.org/unreliable-guides/NAT-HOWTO.txt
> In section:
> 10. Destination NAT Onto the Same Network
>
> But I have more than one server behind the VIP, so what happens is:
> CIP sends SYN to VIP, the VIP changes the Destination IP as expected, but
> the Source IP is still the CIP, and the Real Server tries to respond
> directly back to the client.
This is the way masquerade is working. You are trying to do
something that can't work with LVS. Put all your goals on the table
and may be someone can see the right solution for you.
> So the setup is like a VS-DR, but that won't work either (other clients
> connect directly to the RIP, and I also can't change the Real Servers).
Where are these "other clients"? "other clients connect
directly" is your observation or a wish, I can't understand.
> If this doesn't make any sense I can try to explain another way..
Please, do it. In this diagram I don't see a client on the
same subnet as the real servers. I don't see problem for using NAT or DR
methods. The LVS-HOWTO contains all possible setups for LVS-NAT. What
is so special in your setup?
Regards
--
Julian Anastasov <ja@xxxxxx>
|
