Joseph Mack NA3T wrote:
> On Mon, 4 Jun 2007, Gerry Reno wrote:
>
>
>> As I explored 2-LAN the separation was great for security but a real
>> problem for figuring out how to keep all my accesses and shared services
>> working. I'll have to work on the security part some more but having
>> things in one network definitely simplifies things. As far as bandwidth,
>> all my machines have two gig nics so maybe I can find a way to increase
>> the throughput.
>>
>
> I don't know the ins and outs of your setup, but since
> you're thinking of one network, it can't be LVS-NAT.
>
Wait! Don't say that. That's what I need. Ok, I thought that if you
removed the default route that it would force everything through the
director and so everything would work then.
> I assume you've only got local resources (like NAS, sql...)
> which can be on the (private) RIP network.
yes
> Any resources
> on the internet that the realservers need can be accessed by
> NAT'ing from the RIP through the router, then the only IP
> that is facing the outside world is the VIP.
>
I'm going to be NAT'd out of my mind. First, my internet gateway box is
NAT. Then the internal QEMU network for the load balancers is NAT'd. Now
you're saying I need a third NAT just between the two LANS?
Oh no. No my brain will not handle all this. Has to be a way to use
LVS-NAT with 1-LAN.
> it's really fun out here.
>
Uh huh, well maybe. :-)
|