Re: LVS in DirectRouting Mode Question

To:	"Frankie Gravato" <lvsmaillist@xxxxxxxxxx>
Subject:	Re: LVS in DirectRouting Mode Question
Cc:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From:	Matthew Crocker <matthew@xxxxxxxxxxx>
Date:	Wed, 8 Oct 2003 11:42:05 -0400

On Wednesday, October 8, 2003, at 11:31 AM, Frankie Gravato wrote:

Hi Matt,

I'm still unsure what you mean by this? Does it mean that for example my lvs-dr which would be example www.slingo.com and my Rips would be www1 www2 www3
so if user typed in www3.slingo.com they are able to go directly is what your indicating?

Yes.

If www.slingo.com is 12.34.56.78 and is the VIP of your LVS system running LVS-DR, And your real servers have real IP addresses (12.34.56.79, 12.34.56.80 etc) then people could connect directly to the real servers. You could put a packet filter at the router to stop this or filter rules on the real servers. You could also setup Apache on the real servers to only accept connections on the VIP (12.34.56.78)

-Matt

----- Original Message -----
From: Matthew Crocker
To: Frankie Gravato ; LinuxVirtualServer.org users mailing list.
Sent: Wednesday, October 08, 2003 10:59 AM
Subject: Re: LVS in DirectRouting Mode Question

Frankie,

You can use any IP address you would like. LVS doesn't know nor care about RFC 1631 address space. You will want to be careful and protect your real servers if that are listening on real IP addresses though. Someone could bypass the LVS server by connecting to the RIP of a real server if it is a routable IP. This may or may not be a good thing (tm)

-Matt

On Wednesday, October 8, 2003, at 08:07 AM, Frankie Gravato wrote:

Hi,

Not sure if this has been mention on the list. I'm planning on using Lvs in Direct Routing Mode. Will I be required to use RFC 1631 ip address or could I use my standard public ips address provided by my upstream provider. Any insight will be greatly appreciated.
-
Frankie Gravato ---- < fgravato@xxxxxxxxxx >
----------------------------------------------------------------
Systems & Network Engineering
Slingo Inc. --- www.slingo.com
" First in Fun "
201-871-4900
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
LVS in DirectRouting Mode Question, Frankie Gravato Re: LVS in DirectRouting Mode Question, Matthew Crocker Re: LVS in DirectRouting Mode Question, Frankie Gravato Re: LVS in DirectRouting Mode Question, Matthew Crocker <= Re: LVS in DirectRouting Mode Question, Horms

Previous by Date:	Re: slow response of the realserver, Joseph Mack
Next by Date:	Re: LVS in DirectRouting Mode Question, Horms
Previous by Thread:	Re: LVS in DirectRouting Mode Question, Frankie Gravato
Next by Thread:	Re: LVS in DirectRouting Mode Question, Horms
Indexes:	[Date] [Thread] [Top] [All Lists]