LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Need help with a redirect hack

To: reid@xxxxxxxxx, <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Need help with a redirect hack
From: Horms <horms@xxxxxxxxxxxx>
Date: Wed, 3 Aug 2005 15:52:43 +0900
On Tue, Aug 02, 2005 at 10:58:28AM -0400, Reid Sutherland wrote:
> This can be considering an iptables tables question, but I would
> imagine someone here must have done this before.
> 
> I'm using LVS TUN.  My problem is the "real servers" need to make
> requests to the cluster themselves.   Obviously this doesn't work
> quite right since it ends up hitting the local host rather than the
> cluster (since the cluster IP is bound to tunl0).
> 
> Could someone drop me a hint as to what they did to solve this issue? 
> 
> I've tried all sorts of iptables targets (route, redirect, d/snat) in
> order to "proxy" the traffic to fake LVS out.  Here's a quick example
> of how I see the solution, but cannot get there.
> 
> _Director_
> VIP: .1
> LVS faker IP: .100
> 
> _Real Servers_
> RIP1: .10
> RIP1: .11
> 
> I tell the real servers to connect to .100 instead of .1.  Then I
> setup some sort of iptables based proxy on .100 and redirect the
> traffic back and worth between .100 and .1.  The rest of the system
> that needs the cluster simply hits .1.
> 
> So has anyone done something this wacky before?  Or can suggest
> something else (please don't say LVS NAT, I'm trying to avoid it)?

Someone asked me about this the other day in the context of LVS-DR,
which has much the same problem. My immediate thought was to try
to use policy routing (man ip(8)) but I haven't had a chance to test
this out.

-- 
Horms

<Prev in Thread] Current Thread [Next in Thread>