Re: [lvs-users] multi-port persistence for http/https - unclear document

To: Tomasz Chmielewski <mangoo@xxxxxxxx>
Subject: Re: [lvs-users] multi-port persistence for http/https - unclear documentation
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: David Coulson <david@xxxxxxxxxxxxxxxx>
Date: Sun, 25 Nov 2012 09:20:28 -0500
Your 250/251 configs are essentially equivalent. The only difference is 
ldirectord is checking a different port for availability. In dr/gate mode, ipvs 
doesn't modify the port number at all. Your example with port zero would also 
work, except the ldirectord health checks would fail. You would either need to 
set a checkport directive, or change the port for each real server to something 
checkable. 

As I said last time, in dr/gate mode ipvs doesn't care about the port in the 
real server as all it modifies is the dst MAC address in the Ethernet frame and 
does not touch the IP packet at all (including TCP headers). 

Sent from my iPad

On Nov 25, 2012, at 6:52 AM, Tomasz Chmielewski <mangoo@xxxxxxxx> wrote:

> On 11/25/2012 03:12 AM, David Coulson wrote:
>> 
>> If you use gateway/DR mode, it will not rewrite the IP packet (just
>> the Ethernet headers to send it to the real server). So it will go
>> the same port (as well as destination IP) as the original packet.
>> 
>> Did you actually try the config and have a problem, or are you just
>> assuming it won't work?
> 
> Hi,
> 
> with my current setup, I'm pretty sure port :80 may get directed to one 
> realserver, while port :443 may be directed to a different one.
> 
> I use marking in iptables, since some directors may be realservers, too.
> My ldirectord config is as follows (251 and 2510 - marks made with iptables):
> 
> virtual = 251
>     protocol = fwm
>     scheduler = wlc
>     persistent = 300
>     real = server1:80 gate 20
>     real = server2:80 gate 20
>     real = server3:80 gate 20
>     real = server4:80 gate 20
>     virtualhost = example.com
>     request = "/ping/"
>     receive = "ALIVE"
>     service = http
> 
> virtual = 2510
>     protocol = fwm
>     scheduler = wlc
>     persistent = 300
>     real = server1:443 gate 20
>     real = server2:443 gate 20
>     real = server3:443 gate 20
>     real = server4:443 gate 20
>     virtualhost = example.com
>     request = "/ping/"
>     receive = "ALIVE"
>     service = https
> 
> 
> Am I correct to think that to use multi-port persistence, I'd have to use 
> just one iptables mark, and the following ldirectord config:
> 
> virtual = $NEW_MARK
>     protocol = fwm
>     scheduler = wlc
>     persistent = 300
>     real = server1:0 gate 20
>     real = server2:0 gate 20
>     real = server3:0 gate 20
>     real = server4:0 gate 20
>     virtualhost = example.com
>     request = "/ping/"
>     receive = "ALIVE"
>     service = https
> 
> 
> (basically, one mark in iptables, and :0 as a port in ldirectord config).
> 
> Let me know if that would be correct?
> 
> 
> -- 
> Tomasz Chmielewski
> http://blog.wpkg.org
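
Added illustration, not part of the thread and not LVS code: a simplified Python model of how IPVS keeps persistence per client and per fwmark service, and how DR/gate forwarding leaves the destination port untouched. The class names, client addresses and the single mark value are constructed; marks 251/2510 and the server names are reused from the quoted config, and the persistence timeout and connection teardown are not modelled.

```python
# Simplified model of IPVS fwmark services with persistence in DR/gate mode.
# Added illustration; class and function names are hypothetical, and the marks
# and server names are reused from the configs quoted in the thread.

class FwmarkService:
    """One virtual service: its own real-server list and connection counts."""
    def __init__(self, mark, reals):
        self.mark = mark
        self.conns = {r: 0 for r in reals}    # active connections per real server

    def schedule(self):
        # wlc with equal weights: fewest active connections, first one on a tie.
        return min(self.conns, key=self.conns.get)


class Director:
    def __init__(self, services, port_to_mark):
        self.services = {s.mark: s for s in services}
        self.port_to_mark = port_to_mark      # stands in for the iptables MARK rules
        self.templates = {}                   # (client_ip, mark) -> real server

    def forward(self, client_ip, dst_port):
        mark = self.port_to_mark[dst_port]
        svc = self.services[mark]
        key = (client_ip, mark)               # persistence is per client, per service
        real = self.templates.get(key)
        if real is None:                      # no template yet: ask the scheduler
            real = svc.schedule()
            self.templates[key] = real
        svc.conns[real] += 1
        # DR/gate: only the destination MAC changes, so dst_port is returned as-is.
        return real, dst_port


REALS = ["server1", "server2", "server3", "server4"]

def two_marks():
    """Marks 251 (port 80) and 2510 (port 443): two independent services."""
    d = Director([FwmarkService(251, REALS), FwmarkService(2510, REALS)],
                 {80: 251, 443: 2510})
    d.forward("198.51.100.7", 443)            # another client loads service 2510 first
    return d.forward("192.0.2.10", 80), d.forward("192.0.2.10", 443)

def one_mark(mark=1):                         # constructed mark value
    """One mark for both ports: a single service and a single template."""
    d = Director([FwmarkService(mark, REALS)], {80: mark, 443: mark})
    d.forward("198.51.100.7", 443)
    return d.forward("192.0.2.10", 80), d.forward("192.0.2.10", 443)
```

With two marks the same client can be sent to different real servers for ports 80 and 443; with one mark both ports follow the same persistence template, and in both cases the port the real server sees is the one the client used.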

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
