LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] LVS DR which IP seen to client?

To: Ferhat Ozkasgarli <ozkasgarli@xxxxxxxxx>, lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [lvs-users] LVS DR which IP seen to client?
From: Ferhat Ozkasgarli <ozkasgarli@xxxxxxxxx>
Date: Sat, 24 Jul 2010 11:47:24 +0300
Thx Simon,

In this case what ever we use, NAT or DR setup, client always answered by
VIP.

When I think logically, when a client request service from an IP and getting
answer from another IP does not seem logical.

On Sat, Jul 24, 2010 at 10:48 AM, Simon Horman <horms@xxxxxxxxxxxx> wrote:

> On Sat, Jul 24, 2010 at 10:13:41AM +0300, Ferhat Ozkasgarli wrote:
> > Hello All,
> >
> > The question may look like a noob question but I would be one very happy
> > person if answered :D.
> >
> > I have built LVS NAT mail server cluster with freeNas as storage and
> > MailEnable as mail server. Every thing works fine but because of network
> > bottle neck issue and some other isseues about mail server, we want to
> user
> > LVS DR.
> >
> > 1-) With LVS DR setup; after client had requested the service from VIP,
> > which IP sends the answer? VIP or RIP?
>
> I'm not entirely sure what you are asking.
>
> In the case of the return packets for connections made to the
> virtual service, their source IP address will be the VIP.
>
> In essence things work like this:
>
> NAT
>
> Client --- CIP:VIP --> Linux-Director --- CIP:RIP --> Real Server
>       <-- CIP:VIP --- Linux-Director <-- CIP:RIP ---
>
> FULL-NAT (to be included in 2.6.36)
>
> Client --- CIP:VIP --> Linux-Director --- VIP:RIP --> Real Server
>       <-- CIP:VIP --- Linux-Director <-- VIP:RIP ---
>
> DR
>
> Client --- CIP:VIP --> Linux-Director --- CIP:VIP --> Real Server
>       <---------------- CIP:VIP ----------------
>
> In the case of connections initiated by a real server --
> e.g. Sending an email to another machine, it will depend.
>
> For NAT (and FULL-NAT) the return path for packets for connections to LVS
> virtual services needs to travel through the linux-director. This typically
> means that the linux-director is the default route for the real-servers.
> And it can make sense for the linux-director to NAT packets for connections
> that originate on the real-servers e.g. if the real-servers are using
> RFC1819 or otherwise non-globally-routed addresses. But if they are using
> globally-routed addresses then these packets may be left un-NATed (though I
> don't believe that I have tested this).
>
> In the case of DR, the return packets shouldn't pass through the
> linux-director and they don't need to be unNATed as their source address is
> already the VIP. But for packets for connections that originate on a
> real-server its up to you and will most likely depend on what if the
> (non-VIP) addresses of the real-servers are globally routed or not.
>



-- 
Ferhat Ozkasgarli
GSM: +90 555 679 10 15
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>