I've got an LVS-DR setup that's working and ticking over happily up to
(1.7+Mb/s according to mrtg), where the real servers are all publicly
routable addresses. Given that all is well and just in the world,
we're looking to expand, but it seemed kind of silly to keep getting
public IPs when 98% of the traffic the hosts see will be from LVS
anyway. So with our next hardware I tried to add a private address
(192.168.x.y) to the LVS. It wouldn't respond. I could test the
service directly and it seemed fine.
I'm obviously missing something important even after rtfming till I'm
blue in the face and my manager is red in the face. :-/
The network topology looks like:

ISP -- switch -- (director, real servers)

VIP: 68.xx.xx.174
DIP: 68.xx.xx.171
RIP: 68.xx.xx.163-170
Gateway: 68.xx.xx.161
Private: 192.168.8.3-12 (each RIP got a private IP as I thought this was gonna be "easy" to transition to a full private LVS-DR)
Private gw: 192.168.3.5 (one of the existing real servers was masquerading for network connectivity)

I figured it might be from the private-RIP trying to go out the
private-gw but I tried some routing mayhem and got the default gateway
on the private link to be the 68.xx.xx.161 but still no proper
response from the server in question.
So, my questions are:
1) Can LVS-DR handle private addresses? (assume yes)
2) Can LVS-DR handle a mix of private and public addresses?
3) If I set up a purely private LVS-DR, what should I do for
private-ip routing? I've read docs that seem to indicate that as
long as you're on the same segment it shouldn't really care if
you're gateway'd at all or not. But maybe I've just lost my mind.
4) Any other clues that would be of assistance in cutting from a
public RIP LVS-DR to a private RIP LVS-DR?
Thanks in advance,
David