
Re: LVS_NAT + IP based vhosts

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: LVS_NAT + IP based vhosts
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Wed, 14 Dec 2005 15:29:16 +0000

On Wed 14 Dec 2005 15:11:54 GMT, Michael Green <mishagreen@xxxxxxxxx> wrote:
> Is it possible to make Apache's IP based vhosts work under LVS-NAT?
> If yes, links to appropriate reading will be much appreciated.

If, by that, you mean Apache vhosts whereby a single vhost lives on a single IP then the answer is definitely "yes", although it may seem counter-intuitive at first.

Excuse the egg-sucking lesson here:

If you're using IP based virtual hosting, you have a single IP address for *each and every* virtual host. In the 'classic' sense this means your server has one, two, a hundred, a thousand IP addresses configured (as aliases) on its interface which faces the internet and a different vhost listens to each interface.

In the clearest case of LVS-NAT, you'd have your public interface on the director handle the one, two, a hundred, a thousand _public_ IP addresses and present those to the internet (or your clients, be those as they are). Assuming you have N realservers, you then require N*(one, two, a hundred, a thousand) private IP addresses and you configure up (one, two, a hundred, a thousand) aliases per virtual server. You then set up LVS-NAT to take each specific public IP and NAT it inbound to N private IPs on the realservers.

Still with me? Good.

This is a network management nightmare. Imagine you had 256 Virtual IPs, each with 32 servers in a pool. You immediately need to manage an entire /19 worth of space behind your director. That's a lot of address space (8192 addresses to be precise) for you to be keeping up with, and it's a *lot* of entries in your ipvsadm table.

There is, however, a trick you can use to massively simplify your addressing:

Put all your IP based vhosts on the same IP but a *different port* on each realserver. Suddenly you go from 8192 realserver addresses (aliases) to, well, 32 addresses (aliases) with 256 ports in use on each one. Much easier to manage.

For even more trickery you could probably make use of some of keepalived's config tricks to "pool" your realservers and make your configuration even more simple, but if you only have a small environment you may want to get used to using ipvsadm by hand first until you're happy with it.

HTH

Graeme
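
The port trick from the message above, as an added example that is not part of the original post: a script that prints (without running) the ipvsadm commands mapping each public IP to one port on every realserver, plus the matching port-based Apache stanzas. The function names, the addresses and the base port 8000 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print (do not execute) the ipvsadm commands for the
# "same realserver IP, different port per vhost" layout.
# All addresses and the base port are constructed sample values.

# gen_lvs_nat_rules "<VIPs>" "<realserver IPs>" <base_port>
# VIP number i (counting from 0) is NATed to base_port + i on every realserver.
gen_lvs_nat_rules() {
    vips=$1; rips=$2; base=$3
    i=0
    for vip in $vips; do
        port=$((base + i))
        if [ "$port" -gt 65535 ]; then
            echo "error: no port left for $vip" >&2
            return 1
        fi
        # One virtual service per public IP, round-robin scheduling.
        echo "ipvsadm -A -t $vip:80 -s rr"
        for rip in $rips; do
            # -m selects masquerading (LVS-NAT); the port is rewritten too.
            echo "ipvsadm -a -t $vip:80 -r $rip:$port -m"
        done
        i=$((i + 1))
    done
}

# Matching Apache side: each vhost is selected by port on the realserver.
gen_apache_vhosts() {
    vips=$1; base=$2
    i=0
    for vip in $vips; do
        port=$((base + i))
        printf 'Listen %s\n<VirtualHost *:%s>\n    # site formerly bound to %s\n</VirtualHost>\n' \
            "$port" "$port" "$vip"
        i=$((i + 1))
    done
}

VIPS="192.0.2.10 192.0.2.11 192.0.2.12"   # constructed public IPs
RIPS="10.0.0.1 10.0.0.2"                  # constructed realserver IPs
gen_lvs_nat_rules "$VIPS" "$RIPS" 8000
gen_apache_vhosts "$VIPS" 8000
```

Each realserver needs only its single private address; the per-vhost ports need to be reachable from the director alone.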

