Hi,
I'm currently analyzing various setups using LVS.
What I would like to know is whether it is possible, in an LVS-TUN
setup, to route back (again with a tunnel) the responses through the
director.
The reasons for this are:
- monitor the response traffic from the realservers;
- don't mess with the routes in the realservers network router.
Now, even if this is possible, I know that I would have the martian
packets problem
(http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html#LVS-DR_director_default_gw).
And I probably couldn't monitor the response traffic with ipvsadm (this
probably works with LVS-NAT only).
So here's what I was thinking also:
1 - On the director I would set up LVS-NAT and somehow tunnel the
request to the RealServers.
2 - The realservers would have tunl0 with ip address 192.168.0.x (for
example).
3 - Add a route on the realservers based on the source address,
tunneling the traffic back to the director.
4 - In the director, set up a tunl0 to receive that traffic.
I think my main problem is with the first step. How can I add that
tunnel in the director (with iptables or iproute) without messing
with the IPVS LVS-NAT rules?
Thank you for your time helping the newbie!
Paulo F. Andrade 52439@IST
mailto: pfca@xxxxxxxxxxxxxxx