|
> So I'm wondering if there is any difference (in performance or security)
> about these alternatives, that may inluence the decision:
>
> * Solving at realserver level
> a) Getting my servers to port 80
> b) Redirecting my server port 80 to 8080
>
> * Solving at director level
> c) Balance port 80 and then redirect outgoing 80 to 8080
> d) Redirecting port 80 to port 8080, and then balance.
I forgot one thing:
I have first tryed to build a LVS-NAT and there I've got the rules to do
NAT from port 80 at the director to port 8080 at the realserver, and it
worked fine (as expected).
I've just looked to my configuration script (home made) and I've notisted
that at my rules for LVS-DR I also write the destination port:
/sbin/ipvsadm -a -t $VIP:8080 -r $REALSERVER_2:8080 -g -w 1
This happened 'cause I reused the config script from my lvs-nat setup,
where the realserver:port is mandatory.
I'm now wondering wether , in lvs-dr, the "port" from realserver:port
actually does something or is simply ignored...
In short: can I do
sbin/ipvsadm -a -t $VIP:8080 -r $REALSERVER_2:80 ?
Thanks
|
