On 10/11/06, Sebastian Vieira <sebvieira@xxxxxxxxx> wrote:
On 10/10/06, Graeme Fowler <graeme@xxxxxxxxxxx> wrote:
>
> I have a theory here, though... you're doing NAT. Therefore the director
> is the default gateway for the realservers - is the address of their
> default gateway the same as the VIP?
>
> If not, you need another vrrp_instance defined which makes the default
> gateway fail over to the backup director.
>
> Graeme
Okay, i was able to check out the settings for the realservers. It's a bit
complicated (for me), so let me just give you my findings:
realservers:
ip: 192.168.14.x
gw: 192.168.14.254
netmask: 255.255.255.0
they're in a seperate vlan
director:
ip: 192.168.50.110
gw: 192.168.55.254
netmask: 255.255.248.0
seperate vlan
I've tried to change the gw on the realserver to the ip of the director, but
then i get a network unreachable error. And even if that was possible, i've
learnt that the realserver go back to their default settings upon reboot
(which happens every now and then), so changing them is not an option. What
i could do is put the director in the same vlan as the realserver and
configure the director to use lvs-dr instead. I've no idea if that will make
a difference though. Is LVS-NAT the only way to go here?
Changing the mac address is not an option since i have to bring the entire
interface down before i can do that, in which case keepalived sets the node
in fault modus and renders itself useless.
With LVS-DR you will still have to modify the realservers so that they
a) use the VIP and b) do not arp for the VIP. (b) often requires a
kernel patch depending on the kernel version/distribution. This is the
"arp problem" people talk about:
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.arp_problem.html
In practice this is more invasive than simply changing the gateway of
the real servers.
If you cannot change the realservers, then you cannot use LVS. LVS is
wonderful and magical but it's not that magical. :) You may want to
try a proxy load balancer which only proxies TCP connections:
http://www.google.com/search?q=proxy+load+balancer
And they usually don't offer the niceties of load balancer (vs
realserver) failover, failover while keeping state, etc. And the load
balancer will handle all the traffic while this isn't quite the case
with LVS-DR. And LVS is in the kernel and it's very fast but a proxy
load balancer may be fast enough.
regards,
Sebastian
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|