|
> It looks like your setup is using LVS DR mode. Could the LVS NAT
> mode work for this Win2K Terminal Servers? Thanks!
>
Yes you should be able to use any of the methods you want. I recommended
LVS-DR initially in my setup because I was confusing it with PPTP, which
doesn't like being behind a masq box. Sorry about that.
I think you are right to want to use LVS-NAT, it should allow much better
security! You will simplify setup and improve security all in one big
swoop. Hmm I think you'll have to congratulate yourself with a beer or two
tonight :)
> At 05:35 PM 10/8/2001 -0700, you wrote:
> >> Has anyone used LVS to balance the load for Win2K Terminal
> >> Servers? I remember seeing those, but do not know where to
> >> find anyone has complete summary about them. Thanks for
> >> anyone's feedback.
> >
> >This should be a fairly straightforward setup. You just have to load
> >balance TCP:3389 on the VIP. you MUST packet filter your
> windows boxes,
> >there's 5 bazillion UDP + other listens.... (and the built
> in packet filter
> >tool, RRAS, **SUCKS**.. (someone tell me if there's a better
> one please..)
> >
> ><crappy ascii diagram>
> > /------------\
> > |Firewall |
> > |x.y.z.a |
> > \------------/
> > |
> > |eth, only allow tcp:3389 + ssh + _some_ ICMP
> > |--------------------------
> > | \
> >/------------\/ \/------------\ \
> >| LVS-DR | | LVS-DR 2 | \{application
> servers are at
> >| |===| | {the same
> network level as
> >\------------/ | \------------/ {the LVS boxes.
> > |
> > serial failover
> >
> >
> >_______________________________________________
> >LinuxVirtualServer.org mailing list -
> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> >Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> >or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
|
