LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: LVS-NAT - administration question

To: ben.wilder@xxxxxxxxxxx, <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT - administration question
From: Joseph Mack NA3T <jmack@xxxxxxxx>
Date: Tue, 17 Oct 2006 05:40:14 -0700 (PDT)
On Tue, 17 Oct 2006, Ben Wilder wrote:

Hi again all,

Another question if I may, I have LVS-NAT set up as below, I had trouble
getting the single network NAT working as per the how-tos.


OS is Fedora core 5 - kernel 2.6.15-1.2054_FC5 Ipvsadm version: 1.2.1

Network looks like the following (I am testing with one real server at the
moment)

[CIP]10.10.10.100 --> [eth0:1 VIP]10.10.10.5 (Director)[eth0 DIP]
192.168.0.1 --> [eth0 RIP]192.168.0.100

this is two networks.

I would like to admin the Real server from the 10.10.10.100 client, or from
anything on the 10.10.10.x network.

Just be aware that you don't normally want clients to have access to the realservers - you don't want anyone to know that there are multiple machines in the LVS - for security reasons.

You could login to the director from the client network (again not a great idea for security reasons) and hop from there to the realserver.


The Real server has a second NIC which I
could address differently but would cause the load balancing to stop
functioning.

why would it stop?

I can ssh to the director and then from there to the real
server, but ideally I would need to upload files etc over sftp aswell.

Is there any way that I can use this second NIC on the real server to allow
the 10.10.10.x network to administrate it?

Why can't you put a 10.10.10.x address on the realserver (and a cable to the switch on the 10.10.10.x network)?

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

<Prev in Thread] Current Thread [Next in Thread>