LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: RedHat 7.3 and lvs for kernel 2.4

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: RedHat 7.3 and lvs for kernel 2.4
From: Joseph Mack <mack.joseph@xxxxxxx>
Date: Fri, 27 Sep 2002 10:40:50 -0400
Alex Kramarov wrote:
> 
> it's a wrong assumption.
> 
> I run iptables and ipvs on a master-master cluster for months, without any
> problems.
> I use stateful iptables rules, and i don't use ipvs sync daemon - these two
> negate each other.

actually they are two independant problems. Currently iptables has no
(stateful) failover capability. Harald Welte is working on it, but it probably
won't be done for a year. This means you can't have stateful iptables rules
on a machine that gets failed out and expect the connection to continue.
If you want to failout a director, the iptables rules on the director must
be stateless. If you want stateful iptables rules, you can have them on
the realservers. If they failout, you loose the connection to the client
in any case.

Joe

-- 
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center, 
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA


<Prev in Thread] Current Thread [Next in Thread>