|
On Tue, Aug 02, 2005 at 10:58:28AM -0400, Reid Sutherland wrote:
> This can be considering an iptables tables question, but I would
> imagine someone here must have done this before.
>
> I'm using LVS TUN. My problem is the "real servers" need to make
> requests to the cluster themselves. Obviously this doesn't work
> quite right since it ends up hitting the local host rather than the
> cluster (since the cluster IP is bound to tunl0).
>
> Could someone drop me a hint as to what they did to solve this issue?
>
> I've tried all sorts of iptables targets (route, redirect, d/snat) in
> order to "proxy" the traffic to fake LVS out. Here's a quick example
> of how I see the solution, but cannot get there.
>
> _Director_
> VIP: .1
> LVS faker IP: .100
>
> _Real Servers_
> RIP1: .10
> RIP1: .11
>
> I tell the real servers to connect to .100 instead of .1. Then I
> setup some sort of iptables based proxy on .100 and redirect the
> traffic back and worth between .100 and .1. The rest of the system
> that needs the cluster simply hits .1.
>
> So has anyone done something this wacky before? Or can suggest
> something else (please don't say LVS NAT, I'm trying to avoid it)?
Someone asked me about this the other day in the context of LVS-DR,
which has much the same problem. My immediate thought was to try
to use policy routing (man ip(8)) but I haven't had a chance to test
this out.
--
Horms
|
