Date: Tue, 30 Mar 2004 19:54:23 +0100
From: Neil Prockter <prockter@xxxxxxxxx>
Subject: Re:
To: "LinuxVirtualServer.org users mailing list."
<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Message-ID: <4069C25F.3050006@xxxxxxxxx>
Content-Type: text/plain; charset=us-ascii; format=flowed
yep I do this with lvs and with cisco css units
Joseph Mack wrote:
> Neil Prockter wrote:
>
>>p.s.
>>
>>you don't HAVE to have the nat set as the default gw you can avoid it if
>>you wish by setting up
>>
>>echo 80 lvs >> /etc/iproute2/rt_tables
>>ip route add default via <lvs gw address> table lvs
>>ip rule add from <RIP address as known by lvs> table lvs
>>
>>this says any traffic from the address the lvs would send to goes back
>>that way
>
>
> so you're saying that although the return traffic has to go through
> the director, the director doesn't have to be the default gw for the
> realservers?
>
> Sounds reasonable. You've checked it?
>
> All the documentation for LVS-NAT was written years ago and I've not looked
> at this part of it again.
>
> Joe
>
>
>>>real server interface on the director, that will guarantee all traffic will
>>>come back through the director. By default, the path to the clients on the
>>>real servers would not be through the director but it needs to be, so
>>>SNAT'ing would allow/force that.
>>>randy
>
>
> I'm not sure why you're doing this, when there is a method in place for
> handling it already. Are you asking a question or telling us you have
> something working that we ought to know about?
>
> Joe
I didn't know that LVS masquerades in both directions. I thought it kept the
original client IPs. All of the documentation/examples I have seen show the
real servers being on the same network as the director's NAT'ed network. I
wanted to have other real servers on another network off of the NAT'ed network,
but they have a different path out to clients. I was looking for a way to
force traffic back through the director. I guess I was asking is this
feasible, or how does LVS handle it.
randy
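
The policy-routing setup suggested in the quoted text, as an added example that is not part of the original thread: an idempotent script for the real server, using constructed addresses (RIP 192.168.1.11, director 192.168.1.1, client 203.0.113.10) and hypothetical helper names. It prints the commands by default and only runs them when DRY_RUN=0.

```shell
#!/bin/sh
# Added example, not from the thread. Constructed values: RIP 192.168.1.11,
# director 192.168.1.1, client 203.0.113.10. DRY_RUN=1 only prints commands.
RT_TABLES=${RT_TABLES:-/etc/iproute2/rt_tables}
DRY_RUN=${DRY_RUN:-1}

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Register "<id> <name>" in rt_tables once; refuse a conflicting entry.
ensure_table() {
    id=$1 name=$2
    grep -Eqs "^[[:space:]]*$id[[:space:]]+$name[[:space:]]*\$" "$RT_TABLES" && return 0
    if grep -Eqs "^[[:space:]]*($id[[:space:]]|[0-9]+[[:space:]]+$name([[:space:]]|\$))" "$RT_TABLES"; then
        echo "table id $id or name $name already used in $RT_TABLES" >&2
        return 1
    fi
    echo "$id $name" >> "$RT_TABLES"
}

run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Route replies sourced from the RIP via the director; the main table's
# default route on the real server is left untouched.
setup_lvs_return_path() {
    rip=$1 director_gw=$2 id=${3:-80} name=${4:-lvs}
    is_ipv4 "$rip" && is_ipv4 "$director_gw" || { echo "bad address" >&2; return 1; }
    ensure_table "$id" "$name" || return 1
    # "replace" makes re-runs harmless; "via" names the next hop.
    run ip route replace default via "$director_gw" table "$name"
    # Add the source rule only if it is not already installed.
    if [ "$DRY_RUN" = 1 ] || ! ip rule show | grep -Fqw "from $rip lookup $name"; then
        run ip rule add from "$rip" table "$name"
    fi
    # Check: route the kernel picks for a reply from the RIP to a client.
    run ip route get 203.0.113.10 from "$rip"
}
# Usage on a real server: DRY_RUN=0 setup_lvs_return_path 192.168.1.11 192.168.1.1
```

With DRY_RUN=0, the final `ip route get` line should report the director as the next hop for traffic sourced from the RIP, while traffic from the real server's other addresses keeps using the main table.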