I think I have most of the answers that I needed, but I want to try to clarify
my diagram / questions a little better.
My incoming traffic will be coming across two T1s with a public network range
of let's say 1.2.3.4.
My outgoing traffic will be going out across four T1s with a public network
range of let's say 5.6.7.8.
Here's another simple diagram hitting on some of the questions (I hope):
internet              internet
 2 t1s                 4 t1s
   |                     |
   | 1.2.3.x             | 5.6.7.8
   |                     |
   | .1                  | .1
director               NAT FW
   | .1                  | .254
   |                     |
   | 10.1.1.1.x          |
   |                     |
------------------------------------
   |         |         |
  RS1       RS2       RS3
  .2        .3        .4    DG = .254
Will this work?
I think the picture is a little more clear here.
Thanks!
-ed
-----Original Message-----
From: Julian Anastasov [mailto:ja@xxxxxx]
Sent: Sunday, June 30, 2002 4:30 PM
To: Ed Crotty
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: DR capabilities - not arp question :)
Hello,
On Fri, 28 Jun 2002, Ed Crotty wrote:
> > I have a fundamental question about the capabilities of DR. We have been
> > happy users of LVS NAT for a couple of years but due to bandwidth
> > constraints, we need to reimplement our current strategy.
> >
> > I have a couple of questions about the DR implementation (no, it's not about
> > ARP :D)
> >
> > Scenario - Today we have a fully, correctly functioning LVS setup. It is
> > NAT based.
> > It goes out to 4 bonded T1s. Everything is happy.
> >
> > Future - We have an additional 2 T1s on a different network to the
> > internet that we would like to have all incoming traffic come down,
> > and push the outbound traffic out the 4 bonded T1s
> >
> > It seems to me that DR will be able to accomplish this. Is this
> > accurate? Can the RS network be a private segment as long as it
> > has VIPs for the virtual defined on the machine? The reason
> > I ask is that we would like to do as little change to the network as
> > possible (if it's not possible however, such is life!)
Yes. The DR RSs can work on private subnet. The question
is whether their gateway is on the same subnet.
> > Current LVS implementation
> >
> >
> >              |
> >              | internet (out to 4 bonded T1s)
> >  =========================
> >  |                       |
> >  |       director        |
> >  =========================
> >              | private segment .1
> >              |
> >              |
> > ------------------------------------- (10.1.1.0)
> >   |         |         |         |
> >   |         |         |         |
> > RS1 .2    RS2 .3    RS3 .4    RS4 .5
> > RS DG = 10.1.1.1
> >
> > Possible DR implementation (?)
> >
> > (note 2 T1s become incoming traffic points and 4 T1s become outbound
> > traffic)
Hm, asymmetric routing
> >  internet (out to 4 T1s)              |
> >      |                                | internet (out to 2 bonded T1s)
> >      |                    =========================
> >   ======                  |                       |
> >   | FW |                  |       director        |
> >   ======                  =========================
> >      | .254                           | private segment .1
> >      |                                |
> >      |                                |
> > --------------------------------------------------------- (10.1.1.0)
> >     |              |              |              |
> >     |              |              |              |
> >   RS1 .2         RS2 .3         RS3 .4         RS4 .5
> > RS DG = 10.1.1.254
> >
> > Will this scenario work? Both the 4 T1s and the 2 T1s have different
> > public network ranges
Can you believe: only in Linux 2.2 you can use LVS
with multiple uplinks (multipath routes):
http://www.linuxvirtualserver.org/~julian/#routes
I still don't know how the asymmetric routing looks (2 T1
in, 4 T1 out) and whether you really need the above patches.
> > as well...
Is the IP spoofing allowed across the different ISPs?
From your words, it seems, yes.
> > Thanks!
> >
> > -ed
Regards
--
Julian Anastasov <ja@xxxxxx>
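
Added example, not part of the original thread: a small model of the reply path in the proposed DR layout, where real servers answer with the VIP as source and leave through the .254 firewall, showing why the firewall's NAT behaviour and the outbound ISP's source filtering both decide whether the setup works. The addresses are constructed documentation ranges standing in for the 1.2.3.x and 5.6.7.x placeholders; the function names and the `fw_snat` flag are assumptions made for illustration.

```python
import ipaddress

# Constructed sample addressing (documentation ranges, not from the thread).
VIP = ipaddress.ip_address("192.0.2.10")               # VIP in the inbound (2 T1) range
IN_ISP_RANGE = ipaddress.ip_network("192.0.2.0/24")    # stands in for 1.2.3.x
OUT_ISP_RANGE = ipaddress.ip_network("198.51.100.0/24")  # stands in for 5.6.7.x
FW_PUBLIC = ipaddress.ip_address("198.51.100.1")       # firewall's public address


def trace_dr_reply(vip, fw_snat, fw_public, isp_allowed_sources):
    """Follow one LVS-DR reply from a real server out through the firewall.

    In DR mode the real server replies directly to the client with the VIP
    as source address; the director never sees the return traffic.
    Returns (delivered, reason).
    """
    # If the firewall still source-NATs (as it did for the old NAT setup),
    # the reply no longer carries the VIP.
    src = fw_public if fw_snat else vip

    # The outbound ISP may only accept sources from ranges it knows about
    # (Julian's "is IP spoofing allowed across the different ISPs?").
    if not any(src in net for net in isp_allowed_sources):
        return (False, f"{src}: dropped by outbound ISP source filter")

    # The client's TCP stack only accepts replies from the address it dialled.
    if src != vip:
        return (False, f"{src}: client discards reply, it connected to {vip}")

    return (True, f"{src}: delivered")


def evaluate():
    """Run the three cases that matter for the proposed topology."""
    strict = [OUT_ISP_RANGE]                 # ISP filters on its own range only
    relaxed = [OUT_ISP_RANGE, IN_ISP_RANGE]  # ISP also accepts the other range
    return {
        "fw_snat_on": trace_dr_reply(VIP, True, FW_PUBLIC, relaxed),
        "no_snat_strict_isp": trace_dr_reply(VIP, False, FW_PUBLIC, strict),
        "no_snat_relaxed_isp": trace_dr_reply(VIP, False, FW_PUBLIC, relaxed),
    }


if __name__ == "__main__":
    for case, (ok, reason) in evaluate().items():
        print(f"{case:22} {'OK  ' if ok else 'FAIL'} {reason}")
```
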