LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: LVS and multiple squid instances

from [Carsten Thieswald1] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS and multiple squid instances
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Cc: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx
Cc: Georg Stein1 <GSTEIN@xxxxxxxxxx>
From: Carsten Thieswald1 <THIESWA@xxxxxxxxxx>
Date: Wed, 23 Mar 2005 11:49:42 +0100 
Stefan Schmidt <zaphodb--lvs-users@xxxxxxxxxxx> 
Sent by: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx
17.03.2005 18:49
Please respond to
"LinuxVirtualServer.org users mailing list."


To
"LinuxVirtualServer.org users mailing list." 
<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
cc
Georg Stein1/Germany/IBM@IBMDE
Subject
Re: LVS and multiple squid instances






On Thu, Mar 03, 2005 at 10:14:13PM +0100, Carsten Thieswald1 wrote:
> We have currently 4 powerful machines with 4 virtual CPU's each and 
> RHAS30. Current we run LVS DR and on each systems is an active squid 
> instance. Unfortunately squid doesn't scale well on SMP systems. To 
> improve the performance I want to run additional squid instances on 
> virtual ip addresses and different ports. The loopback interface would 
be 
> able to serve the requests but they can't be addressed by the LVS 
> director. The VIP Port can't be changed. I found an interesting hint 
from 
> Francois Jeanmougin by using Port NAT with iptables on the Real Server:
> 
> realserver:/# /sbin/iptables -t nat -A PREROUTING -d VIP -p tcp -m tcp 
> --dport 80 -j DNAT --to-destination VIP
> 
> But this doesn't solve my problem. This rules makes pnat to all packets 
> destined to VIP:Port and already before it is decided which vitrtual 
> interface to use eth0:0 or eth0:1. 
In my recursive Nameserver cluster setup i use multiple 'real' 802.1q/vlan
Interfaces to distribute the load to multiple named instances with DNAT 
and
specifying the Interface on the Realserver:
iptables -t nat -A PREROUTING -i eth1.105 -d <ServiceIP> -p tcp --dport 53 
-j DNAT --to-destination 10.1.53.2:53
the named process listens on 10.1.53.2:53 which is also the RealserverIP.
The virtual Interface notation you used is misleading as it implies that 
you
can use it as a 'real' Interface but it really is just an alias and the
Interface the kernel uses is really still eth0.

Hello Stefan,

it is very interesting what you wrote. But unfortunately I couldn't 
rebuild it.
I did 
--> vconfig add etho 2
--> ifconfig eth0.2 10.92.1.15 netmask 255.255.255.255 up
--> ping and ssh from another system work fine to this ip address
Then I started iptables -t nat -A PREROUTING -i eth0.2 -j LOG but nothing 
ended up in the logfile.
Do I need to configure anything on the switches?
Any idea? 

Sorry for the Cisco terminology but i find it is easier to remember what 
is
meant by it. 

                 Stefan
-- 
In The Beginning there was nothing, which exploded.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: ipvs repartition problem, Todd Lyons
Next by Date:  LVS, firewalling, and masquerading, Trevin Harlan
Previous by Thread:  Re: LVS and multiple squid instances, Stefan Schmidt
Next by Thread:  Carsten Thieswald1/Germany/IBM is out of the office., Carsten Thieswald1
Indexes:  [Date] [Thread] [Top] [All Lists]