[lvs-users] Correct configuration for ARP on real servers.

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] Correct configuration for ARP on real servers.
From: israel@xxxxxxxx
Date: Tue, 18 Aug 2015 12:54:17 -0500
Hello,

I just configured an environment of two LVS servers with three real 
servers, and it works fine ... in the same network. When we try to 
access the web server through the virtual IP from another network, 
suddenly it doesn't work; this is noted in the fact that we can't access 
the VIP, but it still works in the same network. But if I shut down one 
of the servers, it works perfectly.

My configuration is Direct Routing. My doubt is about the ARP 
configuration. I read in section 6.8 at 
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.arp_problem.html 
that the following commands must be executed to properly configure 
arptables on every real server:

# arptables -A IN -d $VIP -j DROP
# arptables -A OUT -s $VIP -j mangle --mangle-ip-s $RIP


But the RedHat documentation (I'm working with RHEL servers) 
mentions in section 3.2.1 at 
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Virtual_Server_Administration/s1-lvs-direct-VSA.html#s2-lvs-direct-arptables-VSA 
that the configuration to use is:

arptables -A IN -d <virtual_ip> -j DROP
arptables -A OUT -d <virtual_ip> -j mangle --mangle-ip-s <real_ip>


So ... Austintek uses the VIP as a source on the OUT chain, but RedHat 
uses it as a destination. Can anyone tell me what is the right 
configuration? And could it be the cause of my problem, not being able 
to access my balancers with three real servers from outside the network? 
Funny thing is, both configurations seem to work the same way. Which one 
is correct?

Thanks in advance.

Israel.
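
The two OUT rules quoted in the message differ only in which ARP field they match. As an added example (not part of the original post or of either cited document), this small Python model shows which outgoing ARP packets each rule rewrites. It assumes arptables' documented semantics (-s matches the ARP sender IP, -d the target IP, --mangle-ip-s rewrites the sender IP and then accepts); the addresses, sample packets and all names are constructed.

```python
from dataclasses import dataclass, replace

# Constructed documentation-range addresses, not taken from the post.
VIP, RIP, GATEWAY = "192.0.2.10", "192.0.2.21", "192.0.2.1"

@dataclass(frozen=True)
class Arp:
    sender_ip: str   # field matched by arptables -s
    target_ip: str   # field matched by arptables -d

@dataclass(frozen=True)
class MangleRule:
    match: str       # "s" or "d"
    ip: str
    new_sender: str  # value given to --mangle-ip-s

def apply_out(rules, pkt):
    """Model of the OUT chain: the first matching rule rewrites the
    sender IP and accepts; unmatched packets leave unchanged."""
    for rule in rules:
        field = pkt.sender_ip if rule.match == "s" else pkt.target_ip
        if field == rule.ip:
            return replace(pkt, sender_ip=rule.new_sender)
    return pkt

def advertises_vip(rules, pkt):
    """True if the packet leaves the real server with the VIP as ARP
    sender, i.e. neighbours can learn VIP -> real server MAC."""
    return apply_out(rules, pkt).sender_ip == VIP

HOWTO_OUT = [MangleRule("s", VIP, RIP)]    # -A OUT -s $VIP -j mangle ...
REDHAT_OUT = [MangleRule("d", VIP, RIP)]   # -A OUT -d <virtual_ip> -j mangle ...

# Constructed outgoing ARP requests from a real server. The first is the
# kind sent when the gateway is resolved for a reply sourced from the VIP.
SAMPLES = {
    "who-has gateway, sender VIP": Arp(VIP, GATEWAY),
    "who-has gateway, sender RIP": Arp(RIP, GATEWAY),
    "who-has VIP, sender RIP": Arp(RIP, VIP),
}

def compare():
    """Map sample name -> (advertised under HOWTO rule, under RedHat rule)."""
    return {name: (advertises_vip(HOWTO_OUT, p), advertises_vip(REDHAT_OUT, p))
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:30} howto={result[0]!s:5} redhat={result[1]}")
```

In this model only the first sample separates the two rules. Capturing ARP on a real server and checking the sender IP of outgoing requests shows whether that case occurs on a given network.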

