|
Hi Joe,
Yes, the director would be the bridge.
Well this would I guess give me LVS-DR without the ARP headache for one.
All the Realservers could have real IP's so they could be accessed
directly from the internet (we need this for some external monitoring
purposes)
and it would possibly improve throughput by avoiding the packet
rewriting overhead on the Director. Performance wise I would think it
should
fit in between LVS-DR and LVS-NAT, being better than LVS-NAT and slighty
slower than LVS-DR.
I have not yet thought about how this would fit into an HA cluster of
Directors.
Thanks, Serge
> ----------
> From: Joseph Mack
> Sent: Thursday, September 27, 2001 20:29
> To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx; Serge Sozonoff
> Subject: Re: LVS and ethernet Bridgeing
>
> Serge Sozonoff wrote:
> >
> > Hi Guys,
> >
> > Has anyone tried doing LVS-NAT with ethernet bridgeing?
>
> I assume you want the director to be the bridge.
>
> I've sure thought about it a lot as a way of getting packets
> between the realservers and the outside world without the director
> seeing them. I talked to Horms about it
> at OLS and he said that the director still sees all the packets
> that are being bridged, so you don't bypass any rules, filter etc.
>
> The 2.4 NAT is as fast as VS-DR now according to Julian (unlike
> the 2.0 or 2.2 VS-NAT).
>
> As well services not under control of the LVS can get out from
> the realservers, eg you can telnet from the realservers to the
> outside world setting up separate masq tables on the director.
>
> WHat are you trying to do?
>
> Joe
>
> > I guess it would look like something in the diagram below
> > and would in theory produce better throughput then plain LVS-NAT...
> ?
> > maybe
> > Cisco LD's do this and I was curious if we could do the same on our
> > Linux LVS box.
> >
> > Before I run off and try and build this, I would appreciate any
> > feedback.
> >
> > Thanks, Serge
> >
> > ________
> > | |
> > | client |
> > |________|
> > |
> > |
> > (router)
> > |10.0.0.1
> > |
> > | VIP
> > |10.0.0.2_________
> > |------| |
> > | director | LVS NAT with
> > ethernet bridgeing
> > |------|__________|
> > |
> > |
> > |
> > ------------------------------------
> > | | |
> > | | |
> > 10.0.0.3 10.0.0.4 10.0.0.5
> > ______________ ______________ ______________
> > | | | | | |
> > | realserver1 | | realserver2 | | realserver3 |
> > |______________| |______________| |______________|
> >
> > gw 10.0.0.1 gw 10.0.0.1 gw 10.0.0.1
> >
> > _______________________________________________
> > LinuxVirtualServer.org mailing list -
> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
> --
> Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> contractor to the National Environmental Supercomputer Center,
> mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
>
>
|
