LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

RE: LVS via Direct routing

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: LVS via Direct routing
From: "Graham David Purcocks M.A.(Oxon.)" <grahamp@xxxxxxxxxxxxx>
Date: Tue, 17 May 2005 15:17:24 +0100
1. If you are using RHEL 3 or before then this method of disabling arp
will not work as they use 2.4 kernels, this is for 2.6 kernels only.
Hence my request of the RedHat versions.

I am now using arptables_jf which works well. Once we know what
version(s) you are using we can be even more help.

Graham

On Tue, 2005-05-17 at 14:09, Francois JEANMOUGIN wrote:
> 
> Ramprasad A Padmanabhan :
> > 
> > I dont want to complicate my job , more than it is required. ( It is
> > already in a mess ). I am kind of stuck implementing LVS.
> 
> It was the same for me at the beginning...
> 
> > Since yesterday I have been reading the docs LVS Howto, on setting up a
> > LVS. I have decide to use Direct routing.
> 
> It is a good choice.
> 
> >    Suppose I use Linux kernel 2.6.11.x ( SUSE ) as the LVS director and
> > the realservers as Redhat machines , I want to know if
> > 
> > 1) Should I disable arp on lo , only on the director machine.
> 
> You should disable ARP on the realservers NOT on the director. On the
> realservers, just use :
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> 
> > 2) If all my machines ( LVS director + realservers )  have valid
> > internet IP's do I require to have a private network between my director
> > and realservers.
> 
> It is a better solution but it works even with only one network.  I use it
> another way, I have DR setups that are only on my private network (for
> internal application backends). So, if yuoou do not mess your ARP
> configuration, it is possible to have all your LVS on your public network.
> 
> BUT, it is not wise to have administration flows on the same network as
> internet flows, so, I would advise you to route your queries from director to
> realservers via the private network.
> 
> Say :
> 
> Query -> eth0 on director (public (VIP) -> eth1 on director (private RIP) ->
> eth1 on realserver (private) -> lo:x on realserver (VIP) -> APPLICATION ->
> lo:x on realserver (outgoing paquet has VIP as the source address) -> eth0 on
> realserver (public RIP) -> client.
> 
> > I know these questions are too basic , but for a newbie the docs are a
> > lot of mumbo-jumbo. I will be reading them again , but I can sure use
> > help.
> 
> Yes you can. It is not so easy to setup the first LVS. But when you have one
> running, you need to re-read the docs again :).
> 
> François.
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
-- 

<Prev in Thread] Current Thread [Next in Thread>