|
Hi All,
We have a trial system running LVS/TUN, (loadbalancer feeding 2 x Webservers
(down the tunnels) talking to two tomcat servers back-ended with 2 x MySQL
dB's,
Initially the LVS / TUN was configured in the conventional way with the
loadbalancer doing the client -> server process and the return traffic to
the client going directly out from the side of the webservers to the client.
Now ! this configuration ran into problems as our hosting firewall
(Checkpoint FW1) was throwing away the return packets to the clients as if
it had no concept of where these packets came from (I think this was because
the MAC was different to that of the loadbalancer (virtual server) I'm not
sure on that sorry). Anyway, to resolve the issue the developers configured
the webservers to have a default route of the loadbalancer, therefore
squirting the return traffic back through the tunnel !
Well! I have not seen this style of configuration for LVS / TUN (yes this is
correct for LVS / NAT) but it worked at the time, however I am now seeing
queues (and often stalling of the service) as the webserver -> tomcat
bottlenecks.
I would love some constructive comments on the above information (anything
that would point to the best resolution to this problem).
regards
Laurie
|
