|
Andy
On Tue, 2008-02-26 at 16:04 +0000, Andy Ashley wrote:
> I want to keep the load balancer on its own network if at all possible
> as this is a shared solution (multiple client networks) and its going to
> mean additional cabling and complexity if I use
> LVS-DR and it requires assigning the VIP to the realservers.
Well...
> Am I barking up the wrong tree here then, expecting this configuration
> to work, even if I could somehow get the load balancer to SNAT outgoing
> packets?
Probably. You're adding a layer of complexity to the system which I
would try to avoid, personally.
> Perhaps if I had another physical interface on the load balancers and
> SNAT'ed outgoing packets leaving via that interface to avoid the ARP
> problem?
I think we've already demonstrated that using netfilter to SNAT the
outgoing packets is a no-go. If you have another interface on the
directors then DR becomes rather simpler - and if you have multiple
client networks, you can always use the Linux VLAN module to segregate
them.
Graeme
|
