LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Hosting with LVS-DR or NAT?

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Hosting with LVS-DR or NAT?
From: Vasiliy Boulytchev <vasiliy@xxxxxxxxxxxxxxxx>
Date: Thu, 23 Feb 2006 11:04:56 -0700

Graeme Fowler wrote:
On Wed, 2006-02-22 at 14:45 -0800, William Olson wrote:
Yep, that's pretty much how we do it.
<snip>

You could also do this using ports instead of IP addresses, so if you
ever extend the cluster internally you don't end up using thousands of
"internal" (whether RFC1918 or public) IP addresses.

Say you had a simple 1 director, 2 node cluster using LVS-NAT. It has 10
VIPs, VIP1 thru VIP10.

The director has VIP1 thru VIP10 on its' public interface. You then
configure your LVS for each VIP such that:

VIP1 port 443  -> RIP1 and RIP2 port 20001
VIP2 port 443  -> RIP1 and RIP2 port 20002
...
VIP10 port 443 -> RIP1 and RIP2 port 20010

Clearly this means that your customers may be able to determine for
themselves that their environment details show that their port is not
443. This can have far-reaching implications in certain areas of
e-commerce, but it does save you ending up with a billion IP addresses
on your realservers :)

Graeme

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
Gents,
I GREATLY! appreciate your inputs! The port forwarding sounds like a neat trick :)

--
Vasiliy Boulytchev
Colorado Information Technologies
www.coinfotech.com


<Prev in Thread] Current Thread [Next in Thread>