> So far, this has confused everyone I've mentioned it to, but here goes.
> My director has two NICs, one exposed to the internet, and the other
> exposed to a private LAN. The public interface has many addresses bound
> to it, so I have public interfaces eth0, eth0:1, ..., eth0:x. I use eth0
> for load balancing between realservers on the private LAN. I use
> eth0:1-eth0:13 to have direct access to certain machines. All my ipvsadm
> rules are LVS-NAT. So if I have a machine on the private LAN with IP
> address 192.168.1.10, I have a particular interface, eth0:n, on the
> director with a bunch of LVS-NAT rules that all forward to 192.168.1.10.
> No rules for eth0:n go to any other private IP, and no rules for
> any other interface eth0:m, where m != n, go to 192.168.1.10. So I have
> some traffic load balanced, and can still access realservers directly.
> All the realservers have the private (192.168.1.x) address of the
> director as their default gateway, there is no other route outside of
> the private LAN.
>
> Hope that didn't confuse you. :)

No, I understand, that's typical NAT operation with your Director acting as
a router.

What happens if the Director(s) blows up and you, the only person who can
bring a website that thousands depend on to do their work back up, are 10 hrs
away from the office? That's my situation, and I need to be able to access
the individual machines from their public IP address via ssh no matter where
I am, or if an individual machine or machines is down. Well, except the
router, if that's down, oh well ;)

If the director has fried, I want to be able to run a little script on one
of the webservers and have it take over the website's IP. The director is
the old dev db machine which had the hdd fry. 3rd drive to fail in a year,
so it's not that far-fetched :-)

Is there an ivs mode (DR or TUN) that either doesn't require a private
network, or that can coexist with a public network?

Thanks,
-Jacob