|
We have the following situation:
Tiered network setup with 2 subnets.
63.146.190.144/29
gateway: 63.146.190.145
and
66.77.170.0/25
iptables: http://66.77.170.2/iptables.txt
current ipvsadm rules:
-A -t 66.77.170.12:80 -s rr
-a -t 66.77.170.12:80 -r 66.77.170.5:80 -g -w 1
-a -t 66.77.170.12:80 -r 66.77.170.4:80 -g -w 1
In DR setup. I don't like to use NAT.
At this point a high quality web server also does the routing, firewalling
and LVS which is a SPOF.
eth0: 63.146.190.148
eth1: 66.77.170.0/25
gateway for servers behind eth1: 66.77.170.1
eth2: 10.0.0.0/24 (for backup, M$SQL replication etc.)
So I like to move the routing, firewalling and LVS to 2 LVS routers. The
reason I don't want a separate router for routing the 2 subnets and
firewalling is because then that single router will be the SPOF. A high
quality hardware router for merely routing the subnets is relatively too
expensive and I rather use *nix because of its versatility and of course low
price.
Because we don't use a separate router, the DIP is the same as the default
gateway IP, so to get round the 'source martian' problem I had to patch the
kernel http://www.ssi.bg/~ja/#lvsgw for the extra 'forward_shared' option.
Question:
>From what I understood the DIP will be automatically transferred to the
backup LVS if the master fails. Does it also transfer the default gateway?
Of course I can't configure 66.77.170.1 on both LVS routers.
Thanks,
Martijn Stam
|
