
Re: Netfilter NAT interaction

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: Netfilter NAT interaction
From: Francisco Gimeno <kikov@xxxxxxxxx>
Date: Wed, 5 Apr 2006 21:03:34 +0200
Hello...
> On Tue, 4 Apr 2006, Francisco Gimeno wrote:
> > Hello:
> >
> > I just wanted to know if it's possible to balance packets generated by
> > NATing them in the box where the ip_vs resides (DR mode).
>
> Don't really understand your posting, but since no-one else
> has tried...
>
> If the packets are being generated locally on the director,
> they can't be LVS'ed
Well.. the packet is not generated locally on the director. It comes to the 
director from outside, then netfilter applies a DNAT and finally ipvs...

A frame containing an IP packet; let's describe it as:
[ Origin MAC Address | Dest MAC Address | Origin IP | Origin Port | Destination IP | Destination Port ]

[ Cisco Router MAC | ProxyCache MAC | Client_IP | RandomPort | Google IP | 80 ]

A packet like this arrives at the eth0 interface of the ProxyCache box.
An iptables rule says to introduce this packet into the local box, for 
example this way:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128
( or -j DNAT --to LOCAL_IP:3128 )

Then, a local process (Squid, from www.squid-cache.org) is listening on 
3128, and it receives, processes and serves the request.

The packet received by Squid is:
[  Client_IP | RandomPort | LOCAL_IP!!! | 3128 ]

Well.. now, I want to substitute the Squid with an LVS load balancer. So, my 
iptables rule should be:

iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to VIP:3128  ( in the 
Director BOX )

Then, I prepare ipvs to balance the VIP on port 3128.

I was willing to use DR (this should load-balance around 250MB-500MB of 
traffic), but I have finally thought that the DNAT couldn't be un-DNATted if 
the returned packet doesn't go through the box containing the NAT table (i.e. 
the director).
I'm working now on the NAT scenario, but it's too complex to reproduce.

I have finally thought that the DNAT could be done in the router, but it isn't 
as trivial with Cisco as it is with netfilter.

>
> Joe
Thx for your interest 

<kikov> Francisco Gimeno
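The reasoning Francisco reaches at the end of his message, that a DNAT applied on the director can only be reversed if the reply passes back through the director's NAT table, traced in a small Python model. This is an added example for the thread, not code from the original post, from netfilter or from the LVS project. It models the conntrack state netfilter keeps for the PREROUTING DNAT rule and follows the reply in LVS-NAT (reply returns via the director) and LVS-DR (real server answers the client directly, with the VIP on a loopback alias). All addresses, ports and the real server are constructed assumptions.

```python
"""Why a netfilter DNAT on the LVS director can be reversed with LVS-NAT
but not with LVS-DR.

Added example, not code from the original post or from netfilter/LVS.
It models the conntrack entry netfilter creates for a DNAT: the
PREROUTING rule translates the first packet of a flow and records the
mapping, and the reverse translation is applied only to reply packets
that actually traverse the box holding that table.
"""
from dataclasses import dataclass, replace

# Constructed addresses for the scenario in the mail (assumptions).
CLIENT = "10.1.1.50"       # browser behind the Cisco router
GOOGLE = "203.0.113.10"    # the site the client really asked for
VIP = "192.0.2.1"          # LVS virtual IP on the director
RIP = "192.168.0.11"       # one real server (Squid) behind the director


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class NatBox:
    """Netfilter-like DNAT: one PREROUTING rule plus conntrack entries."""

    def __init__(self, match_dport, to_ip, to_port):
        self.match_dport = match_dport
        self.to_ip = to_ip
        self.to_port = to_port
        # key: the translated flow (src, sport, new dst, new dport)
        # value: (original dst, original dport) to restore on replies
        self.conntrack = {}

    def prerouting(self, pkt):
        """Equivalent of: -A PREROUTING -p tcp --dport 80 -j DNAT --to VIP:3128"""
        if pkt.dport != self.match_dport:
            return pkt
        key = (pkt.src, pkt.sport, self.to_ip, self.to_port)
        self.conntrack[key] = (pkt.dst, pkt.dport)
        return replace(pkt, dst=self.to_ip, dport=self.to_port)

    def reply(self, pkt):
        """Un-DNAT a reply that traverses this box: restore the address:port
        the client originally talked to. Without state it passes untouched."""
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.conntrack:
            return pkt
        orig_dst, orig_dport = self.conntrack[key]
        return replace(pkt, src=orig_dst, sport=orig_dport)


def client_accepts(request, reply):
    """The client's TCP socket only matches a reply coming from the exact
    address:port the request was sent to; anything else is not its flow."""
    return (reply.src, reply.sport, reply.dst, reply.dport) == (
        request.dst, request.dport, request.src, request.sport)


def run_flow(mode):
    """Return True if the client gets a usable reply in the given LVS mode."""
    director = NatBox(match_dport=80, to_ip=VIP, to_port=3128)
    request = Packet(CLIENT, 40000, GOOGLE, 80)

    # netfilter DNAT on the director: Client -> Google:80 becomes Client -> VIP:3128
    to_vip = director.prerouting(request)
    assert (to_vip.dst, to_vip.dport) == (VIP, 3128)

    if mode == "NAT":
        # ipvs-NAT rewrites the destination once more, to the real server.
        to_rs = replace(to_vip, dst=RIP, dport=3128)
        # The real server answers; its default route points at the director.
        rs_reply = Packet(RIP, 3128, to_rs.src, to_rs.sport)
        # ipvs undoes its own translation (RIP:3128 -> VIP:3128) ...
        at_director = replace(rs_reply, src=VIP, sport=3128)
        # ... and conntrack undoes the DNAT (VIP:3128 -> Google:80).
        reply = director.reply(at_director)
    elif mode == "DR":
        # ipvs-DR only rewrites the destination MAC. The real server has the
        # VIP on a loopback alias and replies straight to the client's router,
        # so the director never sees the reply and nothing un-DNATs it.
        reply = Packet(VIP, 3128, to_vip.src, to_vip.sport)
    else:
        raise ValueError(mode)
    return client_accepts(request, reply)


if __name__ == "__main__":
    for m in ("NAT", "DR"):
        print(m, "-> client accepts reply:", run_flow(m))
```

Running it shows the NAT flow succeeding and the DR flow failing: in DR the client receives a segment from VIP:3128 for a socket it opened to Google:80, which no local socket matches. The model keeps only the 4-tuple and the DNAT mapping; the real kernel hooks and conntrack timers are not represented.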
