|
Hi All
I'm investigating using Direct Routing for our LVS setup instead of NAT.
We have an issue with the interface lo responding to arp requests.
We're using kernel 2.4.16 on both LVS boxes and we setup the VIP as lo:0 on
the secondary LVS box.
By setting the netmask to be 255.255.255.255 and the 'route add -host
xx.xx.xx.xx dev lo' it's meant to configure the interface on localhost and
NOT respond to arp requests.
Well, it's not doing that. I can ping that IP address.
Anyone have any ideas why? I've tried "echo 1 >
/proc/sys/net/ipv4/conf/eth0/arp_filter" and "proxy_arp" and all sorts of
things but simply can't get it to work. I'm pinging this virtual IP from a
workstation on the same subnet. So basically the setup is like this:
-----------
| lvs 1 | eth0: 203.1.1.1
----------- (VIP) eth0:0 203.1.1.222
|
|
|
----------- eth0: 203.1.1.2
| lvs 2 | lo:0 203.1.1.222
-----------
|
|
|
---------------
| workstation | eth0: 203.1.1.50
---------------
You may well ask why the lo:0 is on the lvs2 instead of the real server.
Well, that's because we're running apache on both lvs servers to load
balance (round-robin) web traffic between each other.
Yes, it's silly but we don't have the hardware right now to have
2 separate LVS boxes (otherwise I'd probably settle for LVS-NAT)
So anyway, if the workstation pings 203.1.1.222 after I take lvs 1 down, I
can ping it and an arp -a shows the MAC address of lvs 2. How can you make
lo:0 NOT respond to arp? I've tried 'ifconfig lo -arp' which set the interface
to NOARP
but that didn't work. I could still ping it.
Thanks in advance for any help.
Gonzalo.
|
