On Mon, Aug 27, 2007 at 11:21:15AM +0800, Jeff Williams wrote:
> Herbert Poetzl wrote:
> >
> >> Mike
> >>
> >>> Note that when the packet is addressed to 4.3.2.1 you need to use
> >>> the mac address, otherwise the packet will not leave the lb.
> >>>
> >>> Ports don't help as they only come into it after the host has
> >>> been found.
> >>>
> >
> > in general, you might want to look into the details for
> > the linux network stack and rethink your setup, because
> > it sounds like you actually want higher network overhead
> > to satisfy a theoretical setup with not too much practical
> > purpose ... YMMV
I had to copy back in this part, as somebody removed
it along the way (of this thread :)
>> The scenario is this:
>>
>> I have a load balancer (lb) sitting in front of some servers, one of
>> which is a vserver host. One of the load balanced services is mail, and
>> it has the virtual IP of 4.3.2.1 on lb. The vserver host contains 2
>> vservers: one for web with ip 1.2.3.4 and one for mail with ip 1.2.3.5.
>> There is a separate mail server with ip 1.2.3.6. Mail traffic coming to
>> the ip 4.3.2.1 gets distributed between 1.2.3.5 and 1.2.4.6. These
>> servers need to have a hidden interface with the ip 4.3.2.1 so that they
>> accept the packets forwarded by lb.
> I am just trying to work out a way of getting vservers to work with our
> existing load balancing setup. If we call the IPs for services on the
> load balancer "virtual" and the machines actually providing those
> services "real", then our current setup requires that the virtual IP
> from the load balancer also exists on the real server on a private (not
> responding to arps) interface. This is the equivalent of
> http://www.linuxvirtualserver.org/VS-DRouting.html.
assuming the description given above is accurate, the
problems you try to solve are like this (correct me if
I'm wrong)
- mail server A (192.168.1.25) on the Host X
- mail server B (192.168.2.25) on a separate Machine (Y)
- web server (192.168.1.80) on the same Host X
- load balancer which uses 10.0.0.25 for both mail servers
  (separate hardware, not on Host, Z)

and the web server, should use the 10.0.0.25 to reach
_a_ mail server, which will be decided by the load balancer
(could be 192.168.1.25 or 192.168.2.25)
IMHO, to achieve this, only a few things are necessary:
- assign the 10.0.0.25 IP to the loadbalancer
- assign the 192.168.x.25 ips to the mail servers
- have the web server use the 10.0.0.25 IP
- have the load balancer distribute (and of course
  track and NAT) 10.0.0.25 to the 192.168.x.25 ips
so, this doesn't involve any special setup on the Host
(Linux-VServer or network wise) to get the desired effect,
unless, you want to put the load balancer on the same
Host, which makes it a different game to play ...
please try to describe the problem in more detail,
and/or try to give some arguments for this specific
setup, whatever it might be ...
TIA,
Herbert
> The idea of the non-arp interface is that the real servers will accept
> traffic bound for the virtual IP, but not announce the IP to other real
> servers, and therefore not receive the traffic directly. When the real
> server is a vserver, the vserver host routes all traffic from any of the
> vservers to the real server, avoiding the load balancer. I understand
> _why_ this happens on the vserver host, but I need some practical way of
> getting the load balancing to work. So this means either 1) keeping the
> load balancer setup and doing something to the networking on the vserver
> host so that traffic to the virtual IP's goes out on the wire, or 2)
> Changing the load balancing setup to something that works more easily
> with vserver. Help towards either of these goals is much appreciated:)
>
> In the meantime, I'll be trying to get 1) working using the iptables
> route rules from Thomas Weber's thread.
>
> Jeff
Received on Sat Sep 1 01:11:18 2007
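
The behaviour described in the quoted text above (traffic from a vserver to the virtual IP staying on the vserver host instead of reaching the load balancer), as an added example that is not part of the original thread. It is a simplified model of the Linux route lookup order (local table consulted before main) and assumes the guests share the host's network stack; the interface name eth0, the /24 and default routes, and the 1.2.3.7 client machine are constructed for illustration.

```python
import ipaddress

VIP = "4.3.2.1"  # virtual IP from the thread

def build_tables(own_addrs, main_routes):
    """Tables in rule order: 'local' (addresses on this box), then 'main'."""
    local = [(ipaddress.ip_network(a + "/32"), "local") for a in own_addrs]
    main = [(ipaddress.ip_network(n), dev) for n, dev in main_routes]
    return [("local", local), ("main", main)]

def lookup(tables, dst):
    """Longest-prefix match per table; the first table with a hit wins."""
    addr = ipaddress.ip_address(dst)
    for name, routes in tables:
        hits = [(net, act) for net, act in routes if addr in net]
        if hits:
            _, act = max(hits, key=lambda h: h[0].prefixlen)
            return name, act
    return None, "unreachable"

def path_to(tables, dst):
    """'local' if the box answers itself, else 'wire:<dev>'."""
    _, act = lookup(tables, dst)
    if act in ("local", "unreachable"):
        return act
    return "wire:" + act

# Constructed routes shared by both machines (assumption, not from the thread).
MAIN = [("1.2.3.0/24", "eth0"), ("0.0.0.0/0", "eth0")]

# vserver host: web guest 1.2.3.4, mail guest 1.2.3.5, hidden non-ARP VIP.
# All three addresses live in the one local table of the host.
VSERVER_HOST = build_tables(["1.2.3.4", "1.2.3.5", VIP], MAIN)

# Hypothetical separate machine without the VIP configured.
CLIENT = build_tables(["1.2.3.7"], MAIN)

if __name__ == "__main__":
    # Web guest on the vserver host connecting to the VIP: never leaves the box,
    # so the load balancer cannot pick 1.2.3.6 for it.
    print("vserver host ->", VIP, ":", path_to(VSERVER_HOST, VIP))
    # Same connection from a machine that does not hold the VIP: goes out on
    # the wire, where only the load balancer answers ARP for it.
    print("other client ->", VIP, ":", path_to(CLIENT, VIP))
```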