Hello,
I have LVS-DR working when the RIP, CIP, and VIP are all on the same
private 172.16.0.0/16 subnet. However, LVS-DR stops working when RIP
and CIP are on different subnets (RIP is private, CIP is a public
internet address).
I am now moving my setup to an internet routable public address.
The VIP and CIP are on different public subnet's. The VIP is also on
the same private subnet as the RIP's (172.16.0.0/16).
When I try to access the VIP from the CIP, I see 'InActConn'
increasing in ipvsadm; however, 'ActiveConn' remains at 0.
My problem, I think, is with routing replies from the RIP to the CIP.
At first, I setup an iptables SNAT box with a public ip address as the
default gateway for the RIP. However, that did not work either. Is
this because SNAT changes the source IP address, whereas LVS needs the
source ip to remain constant so that the client can send responses to
the VIP?
Next, I tried to route directly from my RIP to my ISP's default
gateway, which is on a different subnet. However, 'ip route add ...'
kept complaining that the ISP's gateway was 'unreachable'.
Other than obtaining additional public ip addresses for each of my RIP
nodes, how can I route LVS-DR replies from my RIP to the CIP when they
are on different subnets?
If I had 30 RIP's, would I need to get 30 public ip addresses? What is
the proper way to route replies from private RIP's onto the internet
without getting a seperate public IP for each RIP ndoe?
Thanks in advance!
|