>> Another idea:
>> Could you do load balancing via ports rather than macs?
>>
>> lb, A and B have all the same IP 4.3.2.1
>> vservers A and B run your mail service respectively on ports 2501 and
>> 2502.
>> lb accepts external packets on port 25 and forward them to "itself" on
>> port 2501 or 2502.
>>
> This doesn't really work. For the mail vserver to get the packet the
> vserver host needs to accept packets for 4.3.2.1 and forward them to the
> mail vserver. Once it does this, it will also route all packets from the
> other vservers to the mail vserver.
>
> Ports don't help as they only come into it after the the host has been
> found.
>
But with vservers you can think in terms of services rather than real hosts.
And you do load balancing between two mail services, one listening to
port 2501 and one to port 2502.
If another vserver is talking to the unique IP, port 25, it goes again
through the host load balancer before reaching one of the 2 mail
services, which are in this case, isolated into different vservers.
Anyway Daniel proposed
iptables -t nat -A PREROUTING -i ethX -d 4.3.2.1 -j DNAT --to-destination 1.2.3.4
<>
iptables -t nat -A PREROUTING -i ethX -d 4.3.2.1 -j DNAT --to-destination 1.2.3.5
and what I said can be achieved with
iptables -t nat -A PREROUTING -i ethX -d 4.3.2.1 -p tcp --dport 25 -j DNAT --to-destination 4.3.2.1:2501
<>
iptables -t nat -A PREROUTING -i ethX -d 4.3.2.1 -p tcp --dport 25 -j DNAT --to-destination 4.3.2.1:2501
Depends if you want load balance on a single service or on the whole IP
Phil
Received on Thu Aug 23 19:10:06 2007