Ok... it seems like there's a huge flaw in my understanding of how
traffic gets back to where it came from. For some reason, I had always
thought that the routing table was meant for new outgoing connections
which is stupid because I've run into multiple problems where I couldn't
contact a remote host because the remote host's routing table was wrong.
So yeah... LVS-DR makes PERFECT sense now.
Now, if only someone could explain how you can use active-active to
increase throughput beyond a single LVS.... my mind can finally rest :)
---
Michael Spiegle
mike@xxxxxxxxxxxxxxxx
David Fix wrote:
>> Are you referring to Layer 2 or Layer 3 destination address mangling?
>> As far as I know, an LVS configured for NAT will mangle the destination
>> IP address from the VIP to the realserver's address. It then places
>> this packet on the network and it goes to the realserver. Since the
>> LVS changes the destination (and not the source IP address), the
>> realserver on the backend still sees the originating IP address. When
>> the realserver formulates its response, doesn't the response go to the
>> MAC address which it received the request from (LVS)?
>>
>> In the case of LVS-DR, the destination MAC address is changed - however
>> the destination VIP address is maintained. The only way a realserver
>> will service this connection is if you have configured the VIP on the
>> loopback interface. Since we have done this, the realserver will
>> formulate a reply, however the reply does NOT go back to where it came
>> from (LVS), it goes around LVS. Is this correct?
>>
>
> What's going on here is this: The director and realserver both have the VIP,
> but only the director responds with an ARP for the VIP. The director then
> looks for the MAC of the realserver by arping for the RIP. Once it knows
> the MAC address of the realserver, it then rewrites (Layer 2) the original
> packet with the realserver's MAC and drops it on the wire. The realserver
> then picks it up, since it's addressed to its MAC, and then, since it has
> the VIP on one of its interfaces (usually the lo interface), it processes it
> and proceeds merrily on its way. :) That's how the DR mode works.
>
> And yes, it goes "around" the LVS unless the LVS machine is set up as its
> default gateway... Which isn't USUALLY the case, but it can be. ;)
>
> Dave
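
A small Python model of the packet path discussed in this thread, added here as an illustration and not part of either poster's message. The addresses, MACs and function names are constructed for the example. It shows that the realserver picks the reply's next hop from its routing table, not from the MAC address the request arrived from.

```python
# Constructed addresses and MACs for illustration; none come from the thread.
VIP, RIP, CLIENT = "192.0.2.10", "10.0.0.2", "198.51.100.7"
MAC = {"director": "aa:aa", "realserver": "bb:bb", "router": "cc:cc"}

def arp_owner(ip):
    """Who answers ARP on the LAN: only the director answers for the VIP,
    even though the realserver also holds it (on lo) in DR mode."""
    return {VIP: "director", RIP: "realserver"}[ip]

def director_forward(frame, mode):
    """Director handling of a client frame addressed to the VIP."""
    out = dict(frame, src_mac=MAC["director"], dst_mac=MAC[arp_owner(RIP)])
    if mode == "NAT":          # layer 3 rewrite: VIP -> RIP
        out["dst_ip"] = RIP    # DR leaves the IP header untouched
    return out

def realserver_reply(frame, local_ips, default_gw):
    """Accept the frame only if its destination IP is configured locally.
    The reply's next hop is the routing table's gateway, not frame['src_mac']."""
    if frame["dst_mac"] != MAC["realserver"] or frame["dst_ip"] not in local_ips:
        return None
    return {"src_ip": frame["dst_ip"], "dst_ip": frame["src_ip"],
            "src_mac": MAC["realserver"], "dst_mac": MAC[default_gw]}

def trace(mode, default_gw, vip_on_lo=True):
    """Return (next hop of the reply, source IP the client finally sees)."""
    request = {"src_ip": CLIENT, "dst_ip": VIP,
               "src_mac": MAC["router"], "dst_mac": MAC[arp_owner(VIP)]}
    local_ips = {RIP, VIP} if (mode == "DR" and vip_on_lo) else {RIP}
    reply = realserver_reply(director_forward(request, mode), local_ips, default_gw)
    if reply is None:
        return "dropped"
    # In NAT mode the director rewrites RIP back to VIP, but only for
    # replies that are actually routed through it.
    seen = VIP if (mode == "NAT" and default_gw == "director") else reply["src_ip"]
    return default_gw, seen

if __name__ == "__main__":
    for args in [("DR", "router"), ("DR", "director"), ("NAT", "director"),
                 ("NAT", "router"), ("DR", "router", False)]:
        print(args, "->", trace(*args))
```

In the NAT case with the router as gateway, the client receives a reply whose source is the RIP rather than the VIP it contacted, so the connection fails; in DR mode the director never sees reply traffic unless it is the realserver's default gateway.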