LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

RE: LVS and Terminal Services

from [Wayne] [Permanent Link]
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: RE: LVS and Terminal Services
From: Wayne <wayne@xxxxxxxxxxxxxxx>
Date: Mon, 08 Oct 2001 18:00:01 -0700 
Thanks!  I don't know where you are, if you ever come to
LA, I will buy a beer :-)

At 05:53 PM 10/8/2001 -0700, Peter Mueller wrote:
>> It looks like your setup is using LVS DR mode.  Could the LVS NAT
>> mode work for this Win2K Terminal Servers? Thanks!
>> 
>
>Yes you should be able to use any of the methods you want.  I recommended
>LVS-DR initially in my setup because I was confusing it with PPTP, which
>doesn't like being behind a masq box.  Sorry about that.
>
>I think you are right to want to use LVS-NAT, it should allow much better
>security!  You will simplify setup and improve security all in one big
>swoop.  Hmm I think you'll have to congratulate yourself with a beer or two
>tonight :)
>
>> At 05:35 PM 10/8/2001 -0700, you wrote:
>> >> Has anyone used LVS to balance the load for Win2K Terminal
>> >> Servers?  I remember seeing those, but do not know where to
>> >> find anyone has complete summary about them.  Thanks for
>> >> anyone's feedback.
>> >
>> >This should be a fairly straightforward setup.  You just have to load
>> >balance TCP:3389 on the VIP.  you MUST packet filter your 
>> windows boxes,
>> >there's 5 bazillion UDP + other listens.... (and the built 
>> in packet filter
>> >tool, RRAS, **SUCKS**.. (someone tell me if there's a better 
>> one please..)
>> >
>> ><crappy ascii diagram>
>> >        /------------\
>> >        |Firewall    |
>> >        |x.y.z.a     |
>> >        \------------/
>> >               |
>> >               |eth, only allow tcp:3389 + ssh + _some_ ICMP
>> >               |--------------------------
>> >               |                          \
>> >/------------\/ \/------------\            \
>> >|    LVS-DR  |   | LVS-DR 2   |             \{application 
>> servers are at
>> >|            |===|            |              {the same 
>> network level as
>> >\------------/ | \------------/              {the LVS boxes.
>> >               |
>> >             serial failover
>> >
>> >
>> >_______________________________________________
>> >LinuxVirtualServer.org mailing list - 
>> lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> >Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> >or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>> 
>> 
>> _______________________________________________
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>> 
>
>_______________________________________________
>LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>or go to http://www.in-addr.de/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: LVS and Terminal Services, Peter Mueller
Next by Date:  Re: about Persistent connection, Oktay Akbal
Previous by Thread:  RE: LVS and Terminal Services, Peter Mueller
Next by Thread:  Troubleshooting with LVS_NAT implementation ....., thomas perrin
Indexes:  [Date] [Thread] [Top] [All Lists]