Hi Adrian,

Thanks for this info. I will try and clarify myself a bit more and ask
my question the other way around.

These are my requirements:
Using LVS-NAT I would like to:

1. Load balance my servers.
2. Have access to each real server individually from the internet by IP
   address bypassing the LD (Real Servers have a valid IP)
   (i.e. I am NAT'ing, but only for the purpose of load balancing, not for
   having a private network behind the LD)
3. Use the Router or the Linux Director as the default gateway for
   return traffic.

It might look something like this: (IP addresses are hypothetical)

                  Client
              212.111.56.111
                    |
                    |
               195.143.23.1
                  Router
               195.143.24.1
                    |
                    |
           _________  195.143.24.2 (VIP)
           Linux LD
           _________  195.143.24.2
                    |
                    |
           ___________________
           |                 |
           |                 |
     195.143.24.3      195.143.24.4
     Real Server       Real Server

Is it possible to load balance on MAC addresses?
Cisco Local Director dispatch mode -> With dispatch mode, the
LocalDirector simply performs a MAC address translation leaving the IP
header of the packet intact.
Some links regarding Cisco LD
http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/transbdg.htm
http://www.eecostructure.com/blueprint_rec/implement_network_cisco_local
director_configuration.htm
Thanks,
Serge
-----Original Message-----
From: Radu-Adrian Feurdean
Sent: Fri 9/28/2001 10:27 AM
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Cc:
Subject: RE: LVS and ethernet Bridgeing
On Thu, 27 Sep 2001, Serge Sozonoff wrote:
> Hi,
>
> >the client sends a packet with src=CIP, dst=VIP (abbreviated CIP->VIP),
> >the realserver receives a packet with the dst rewritten (CIP->RIP). The
> >realserver replies (RIP->CIP). If this arrives at the client directly
> >(as happens when you don't have the director as the default gw of the realservers),
> >the packet is not recognised as part of any request the client made.
> >The reply packets have to be masqueraded on the way out.
>
> Hmmm, I see what you are saying.
>
> I am trying to figure out how Cisco do this, because this is
> what they do in the Cisco LocalDirector and it works. I will investigate
> further.

Apparently L4 switches check both layer2 (data-link) and layer3 (IP)
information before taking a decision.

Linux treats the packet at layer2 first. There it goes through bridging code,
it sees that the packet is not local and is forwarded as-is. It does not
arrive in layer3 processing code, where LVS works.

Probably if you do proxy-arp on the director with the default gateway's
address it may work. That way you have bridging in one direction (defgw->RS)
and routing in the other (RS-proxyarp->director->defgw).

Or if you can push the packet from the bridging code into the IP code it may
also work. This implies patching the kernel.

Radu-Adrian Feurdean
mailto: raf @ chez.com
----------------------------------------------------------
"The use of COBOL cripples the mind; its teaching should,
therefore, be regarded as a criminal offense." (Dijkstra)
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users