|
On Wed, 2004-06-23 at 10:02, Lars Marowsky-Bree wrote:
> On 2004-06-22T13:04:08,
> Brett Simpson <simpsonb@xxxxxxxxxxxxxxxxxxxxxx> said:
>
> > Method three (NAT/DR):
> > Setup an Iptables NAT that will allow the LVS realservers to access the
> > remote machine by IP address. Setup LVS-DR for your realservers.
>
> Again, I don't get it at all; what's new here? Of course LVS-NAT needs
> to be accompanied with a iptables NAT if the realservers are also to be
> allowed a direct connection to the clients...
Let me try and diagram this...
172.27.228.145 Realserver on port 8080
|
|
|
172.27.228.1
Firewall
207.156.7.1
|
|
|
207.156.7.15 :port 8080 LVS-NAT off of 127.0.0.1:8080
LVS Director
iptables from 172.27.228.145:8080 to 127.0.0.1:8080
Clients would connect to 207.156.7.15:8080, LVS-NAT takes them to
127.0.0.1:8080, and iptables moves them to 172.27.228.145:8080. This way
the Realserver doesn't have to use the LVS Director as it's default
gateway.
Brett
|
