|
Hi.
I encounter some difficulties to make the above ascii-described
architecture working with lvs :
Local Lan -- [192.168.1.0/32] -----+
|
+----------+----------+
RIP: 192.168.1.2/eth0 | VIP: 192.168.1.254 | RIP: 192.168.1.3/eth0
| [default gw Lan C.] |
EC1 <-- heartbeat --> EC2
192.168.2.2/eth1 | | 192.168.2.3/eth1
+----------+----------+
| | |
192.168.2.4/eth0 FW1 FW2 FW3 192.168.2.5/eth0
| | |
+----------+----------+
|
Internet ---[gw: 192.168.2.254] -----+
With EC => LoadBalancer (RedHat 7.3 with UltraMonkey's adhoc RPMS)
and FW => Firewall (RedHat 7.3, Netfilter and a transparent TrendMicro
HTTP Antivirus)
This archi's goal is to provide HA and loadbalanced firewalling and
antivirus services to Local Lan users in a transparent way. The ECs are
intended to run in active/backup mode and their "only" task is to
loadbalance all traffic from Local Lan (and bring it back to users, that
says the ECs are the way back from Internet to Local Lan for packets).
I used firewall marking to (try to) loadbalance traffic from Local Lan to
the Internet via the FW without so much success.
I forgot to say that before trying doing this, I managed to make this kind
of loadbalancing in a much common (simpler ?) way, that is between Local
Lan and 3 realservers (Apache). Problems occured when trying to make the
"realservers" route traffic to Internet and back to the directors.
After three (loooong) days, I fail finding what's wrong, what made me end
up by calling you at help, if anyone could put the point on what I did
wrong...
Any further information about my servers will be given if needed.
Thanks in advance.
Regards, especially my best,
--
Guillaume Arcas
---------------------------------------------------
Le monde est ma représentation. S'il est une vérité
qu'on puisse affirmer, c'est bien celle-là.
A. Schopenhauer
|
