Serge Sozonoff wrote:
>
> Hi Guys,
>
> Has anyone tried doing LVS-NAT with ethernet bridging?
I assume you want the director to be the bridge.
I've sure thought about it a lot as a way of getting packets
between the realservers and the outside world without the director
seeing them. I talked to Horms about it
at OLS and he said that the director still sees all the packets
that are being bridged, so you don't bypass any rules, filters, etc.
The 2.4 NAT is as fast as VS-DR now according to Julian (unlike
the 2.0 or 2.2 VS-NAT).
As well, services not under control of the LVS can get out from
the realservers, e.g. you can telnet from the realservers to the
outside world by setting up separate masq tables on the director.
What are you trying to do?
Joe
> I guess it would look like something in the diagram below
> and would in theory produce better throughput than plain LVS-NAT... ?
> maybe
> Cisco LD's do this and I was curious if we could do the same on our
> Linux LVS box.
>
> Before I run off and try and build this, I would appreciate any
> feedback.
>
> Thanks, Serge
>
>                       ________
>                      |        |
>                      | client |
>                      |________|
>                          |
>                          |
>                       (router)
>                          |10.0.0.1
>                          |
>                          |       VIP
>                          |10.0.0.2_________
>                          |------|          |
>                                 | director |  LVS NAT with ethernet bridging
>                          |------|__________|
>                          |
>                          |
>                          |
>        -------------------------------------
>        |                 |                 |
>        |                 |                 |
>    10.0.0.3          10.0.0.4          10.0.0.5
>  ______________    ______________    ______________
> |              |  |              |  |              |
> | realserver1  |  | realserver2  |  | realserver3  |
> |______________|  |______________|  |______________|
>
>   gw 10.0.0.1       gw 10.0.0.1       gw 10.0.0.1
>
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA