LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] lvs-direct..stumped: arp or not to arp?

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] lvs-direct..stumped: arp or not to arp?
From: "Sameer Garg" <sameer.garg@xxxxxxxxx>
Date: Sat, 29 Dec 2007 18:27:15 +0530
Thought. The lvs might not be working due to ingress filtering. Check the logs.

In your case I would suggest you try LVS-NAT as oppose to DR because
DR rewrite the mac address and as far as I know that wouldn't work for
you. The machines are not on the same network hence mac address
rewrite wouldn't work. Why don't you try LVS-Tun. The real servers
will still be  invisible from the internet and they can use the
outgoing bandwidth of the remote site.

Even incase of LVS-Tun you will have to make sure that ingress
filtering is not blocking out bound traffic.

Sameer

On Dec 29, 2007 4:53 AM, William Ottley <williamottley@xxxxxxxxx> wrote:
> Hey Joseph, thanks for responding. I have a strong suspicion, that it
> has to do with VPN. See, if you notice the real servers are on a
> different network, which is .3.10 and .4.10 These are reachable via a
> site-to-site vpn connection. Now I use the howto at:
>
> http://www.austintek.com/LVS/LVS-HOWTO/mini-HOWTO/LVS-mini-HOWTO.html
> (5. Example: Setup LVS using LVS-DR forwarding)
>
> and well it tells me to make sure the gw for the realservers are
> pointing to the LVS VIP, which in my case is 192.168.2.100, but i
> can't do that, since the real server's GW is pointing to another
> firewall, which creates the VPN...
>
> I'm sooo confused as to what process to use
>
> See, we need to "hide" all of the webservers from the internet, and
> have all traffic go through one location, which is where the Load
> Balancer is. The Load Balancer is behind a firewall, so, I'm told its
> an LVS-Direct setup, and not an LVS-NAT... or am I wrong?
>
>
> Or am i doing this the wrong way?
> Should I just have a secure LVS / Firewall, and do IP Tunneling? Does
> this "hide" where the other web servers are?
>
> Thanks!
>
> William
>
>
> On Dec 28, 2007 5:11 PM, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:
> > On Fri, 28 Dec 2007, William Ottley wrote:
> >
> > > Hello all,
> > > I've read the how-tos, and i'm still confused. I have a really simple
> > > setup, yet, i can't get my lvs up and running.
> >
> > you could try working through the setup in the mini-HOWTO.
> > Unfortunately it assumes Julian's hidden patch for the
> > realservers rather than arp_ignore. You could substitute the
> > instructions
> >
> > Alternately you could read my comments on pirahna inthe
> > HOWTO
> >
> > Joe
> >
> > --
> > Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> > jmack (at) wm7d (dot) net - azimuthal equidistant map
> > generator at http://www.wm7d.net/azproj.shtml
> > Homepage http://www.austintek.com/ It's GNU/Linux!
> >
> > _______________________________________________
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> >
>
>
>
> --
> ---------------
> Morpheus: After this, there is no turning back. You take the blue pill
> - the story ends, you wake up in your bed and believe whatever you
> want to believe. You take the red pill - you stay in Wonderland and I
> show you how deep the rabbit-hole goes.
>
> _______________________________________________
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>


<Prev in Thread] Current Thread [Next in Thread>