|
Hi, I'm trying to build a LVS using lvs-dr. I have read the HOWTOs yet am
confused about one thing: in all the examples, none of the directors seem to
be using a real IP address on the Internet. I am confused about whether the
VIP for the director/realservers is going to be an actual live IP address or
not. If it is, then would I not need to have 2 ethernet cards in the
director - one to face outward and one to face inward to connect to the
realservers?
If I have only one ethernet interface in the director, then I am assuming it
must be on an internal private subnet behind a firewall that is taking
incoming packets
from the live IP and forwarding them to the virtual IP on the private subnet.
This is in fact how I tried to initially set it up. Everything worked fine
if the client machine was on the same private subnet. But if the client had
to go through a firewall box running DNAT (the only way to do it I am
assuming) then the client cannot connect.
So my question is: do I need 2 interfaces or just one on the director. If
two, then will I not have to do DNAT internally on the director to pass
packets from the live IP to the VIP? If one, how can I get it to work
assuming that the director is sitting behind another box doing DNAT?
|
