On Sat, 26 May 2007, Gerry Reno wrote:
Joseph Mack NA3T wrote:
separate from what, the other realservers? the VIP?
yes
then it's more difficult to administer them and also they will lose access
to common resources such as the backup server. So it looks like each
realserver will have to be part of multiple lans or vlans in order to
still have access to common resources. In doing so, will it create any
problems with routing for the VIP's and GW's?
such as?
I don't want any triangulation problems that can cause connections to
hang.
what's a triangulation problem?
where you have the response packets best-routed around the director directly
back to the client
OK you want LVS-NAT or the modified-shared version of LVS-DR
(if you don't know what that is, use LVS-NAT).
Ok, some ascii art:
you need blanks and not tabs, and limit to
(about) 50chars/line
                         |
                         |(Single Public IP)
               ---------------------
               |  HW NAT Firewall  |
               |      Router       |
               ---------------------
                         |(GW=192.168.0.1)
                         |
                         |(VIP=192.168.0.215)
---------------------------------------------------------------------------------------------
     |       ==LVS==        |                                       |   |
     |(192.168.0.10)        |(192.168.0.11)                         |   |(192.168.0.nnn)
---------------------  ---------------------                        |   ---------------------
|    keepalived     |  |    keepalived     |                        |   |   lots of other   |
|      master       |  |      backup       |                        |   |      servers      |
---------------------  ---------------------                        |   ---------------------
     |(GW=192.168.1.1)      |                                       |
------------------------------------------------------------------- |
|                |                |                |                |
|(192.168.1.10)  |(192.168.1.11)  |(192.168.2.10)  |(192.168.2.11)  |
---------------  ---------------  ---------------  ---------------  |
|   RS(web)   |  |   RS(web)   |  |   RS(db)    |  |   RS(db)    |  |
---------------  ---------------  ---------------  ---------------  |
|(192.168.0.70)  |(192.168.0.71)  |(192.168.0.72)  |(192.168.0.73)  |
|                |                |                |                |
--------------------------------------------------------------------|
                                                                    |
---------------------                                               |
|      Network      |------------------------------------------------
|      Storage      |(192.168.0.99)
---------------------
This is what I was referring to when I was commenting on topology and if it
is possible to configure this way I was concerned about packets being
best-routed somehow past the director through the second interface on the
realservers.
taking a punt here...
you have director(s) with a public IP (here 192.168.0.215).
Then you have some web realservers, on 192.168.1.0/32.
Presumably these talk to the db machines (and the clients do
not directly connect to the db machines). In which case the
db machines can also be on 192.168.1.0/32. And you have a
NAS which can also be on 191.168.1.0/32. The webservers will
have 192.168.1.1 as their default gw. The other machines
(db, NAS) shouldn't have a default gw at all (presumably they
aren't replying to clients)
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
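
Added example, not part of the original thread: a route-lookup check for the "triangulation" concern, comparing the single-network layout suggested in the reply with the two-interface realserver from the diagram. Assumptions: /24 masks, the interface names eth0/eth1, and the two client addresses are constructed for illustration.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match: return (interface, gateway or None)."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, iface, gw in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface, gw)
    return None if best is None else (best[1], best[2])

def reply_via_director(routes, client_ip, director_ip):
    """LVS-NAT only works if the reply is handed back to the director,
    which rewrites the source address from the realserver's IP to the VIP."""
    hop = next_hop(routes, client_ip)
    return hop is not None and hop[1] == director_ip

DIRECTOR = "192.168.1.1"   # realserver-side address of the director

# Constructed tables for realserver 192.168.1.10 (eth0/eth1 are assumed names).
SINGLE_HOMED = [                       # layout suggested in the reply
    ("192.168.1.0/24", "eth0", None),
    ("0.0.0.0/0", "eth0", DIRECTOR),
]
DUAL_HOMED = SINGLE_HOMED + [          # diagram: second NIC 192.168.0.70
    ("192.168.0.0/24", "eth1", None),
]
DUAL_HOMED_GW_ROUTER = [               # second NIC and default gw = router
    ("192.168.1.0/24", "eth0", None),
    ("192.168.0.0/24", "eth1", None),
    ("0.0.0.0/0", "eth1", "192.168.0.1"),
]

CLIENTS = {"internet": "203.0.113.7", "lan": "192.168.0.50"}  # constructed

def audit():
    """Map (layout, client) -> True when the reply returns via the director."""
    layouts = {"single": SINGLE_HOMED, "dual": DUAL_HOMED,
               "dual_gw_router": DUAL_HOMED_GW_ROUTER}
    return {(name, who): reply_via_director(routes, ip, DIRECTOR)
            for name, routes in layouts.items()
            for who, ip in CLIENTS.items()}

if __name__ == "__main__":
    for key, ok in audit().items():
        print(key, "via director" if ok else "BYPASSES director")
```

With the second interface present, a client on 192.168.0.0/24 is answered over the connected route instead of through the director, so the reply never gets its source rewritten to the VIP.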