Hi.
I have 2 directors (active/active), running with
keepalived. behind them are 4 real servers, running nt (yaicccssss, didn't have
a choice...). The directors have 2 vip's , each each directed (lvs-nat) to
pair to realservers, each pair provides separate functions, working great, no
problem here. all the realservers are on the same network 10.0.0.0/24. Now,
i need to access from a server in pair 1 to a server in pair 2, and i need to do
that through some highly available point (not though connecting to one of the
servers directly, but through some vip on the internal network). Now, i am
trying to understand how this would work. Tried lvs-nat, establishing vip
10.0.0.x on the director, but it didn't work, and on second throught it seems
that for lvs-nat to work, there has to be routing ? so vip and real
servers must be in different ip subnets ?
Is there a way to fulfill this requirement though
lvs-nat ? if not, will dr do the trick ?
and another question - i am using the directors
aslo as iptables firewalls, so right now the sync daemon is useless to me
(during failover ip_conntrack data is not updated, so the state sync for lvs is
useless). Are there plans to include iptables sync into lvs sync ?
Thank you.
Alex
|