|
You need to SNAT real server traffic going to your real servers.
Quick google found this:
http://blog.loadbalancer.org/enabling-snat-in-lvs-xt_ipvs-and-iptables/
I'm presuming it's in mainline by now, but I know it's not in RHEL/SuSE yet.
David
On 3/1/12 7:55 AM, Dean Scothern wrote:
> Hi,
>
> I've been experimenting with a slightly non standard lvs cluster arrangement.
>
> I have a set of combined real servers/real clients (each machine has both
> services and clients) and two machines running lvs as a cluster.
>
> All machines are connected directly to the same two networks: frontend and
> backend.
>
> The real servers/real clients connect to a service ip on the lvs machines on
> the frontend network.
> The lvs machines run in masq mode and connect to the real servers/real
> clients on the backend network.
> I've configured policy routing on the real servers/real clients backend
> interfaces to return traffic via a second gateway on the lvs hosts.
>
> This works very well except when a real server/real client connects to its
> own backend interface via the lvs cluster ip.
> I guessing that the local host route means that instead of returning the
> traffic via the backend gateway on the lvs it tries to go directly locally.
> Tcpdump appears to support this guess and if I turn on martian logging I can
> see the traffic.
>
> Initially I thought that reverse path filtering was preventing operation but
> the problem remained when it was disabled.
> Turning on routing had not beneficial effect either.
>
> Ideally I would like to setup routing to override the local table when the
> policy routing rules are applied, but I'm not sure how.
> So far attempts to to do this have failed
>
> Has anyone managed to do this?
>
> Its more of a routing question so apologies for being slightly off topic.
>
> Best Regards
>
> Dean Scothern
> Dr Dean Scothern
> Infrastructure
> [Description: Eduserv]
> E: dean.scothern@xxxxxxxxxxxxxx<mailto:forename.surname@xxxxxxxxxxxxxx>
>
> T: +44 (0)1225 474379
>
> F: +44 (0)1225 474301
>
> www.eduserv.org.uk<http://www.eduserv.org.uk/>
> Eduserv is a company limited by guarantee (registered in England& Wales,
> company number: 3763109) and a charity (charity number 1079456), whose
> registered office is at Royal Mead, Railway Place, Bath, BA1 1SR.
>
>
>
>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
