I have an LVS server that also needs to be an SSL proxy.
My first idea was to use 2 external IP addresses, have
one of them proxypass to the other external IP address, and
have that other IP address be the IP address that LVS sits on.
That doesn't seem to work because of my NAT configuration; my internal
box can't talk to that external IP address.
My second idea was to have
EXTERNAL_IP 1
Proxypass to an internal IP address:
192.168.1.20 which would loadbalance to realservers
192.168.2.54 and .55
And have my realservers use 192.168.2.1 as a gateway.
The problem is I don't have enough NICs.
I have 2 NICs.
Can I put
EXTERNAL_IP on eth0
192.168.1.1 and .20 on eth1
192.168.2.1 on eth1:1 ?
Will that work? That's what I'm trying now, and it doesn't seem to work.
From the machine I can telnet to 192.168.2.54 and .55 port 80 and it works,
but when I try telnetting to the load balanced IP, it doesn't work:
# ipvsadm
IP Virtual Server version 1.0.6 (size=65536)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.20:http rr
-> app2:http Masq 1 0 0
-> app1:http Masq 1 0 0
-> localhost.localdomain:http Local 0 0
Trying 192.168.1.20...
telnet: connect to address 192.168.1.20: Connection refused
[root@lb1 ha.d]#
So what do I have to do to be able to telnet to make this work? Do I need
a second level of load balancers? If so, that's pretty cheesy. Is this
a limitation of having multiple networks routing on one ethernet device?