thanks Anup for your help, i finally did get lvs-nat working: the "/proc/../ip_forwarding was not set properly.
My next step is to do LVS-TUN, and i'm stumped on which way to start. I will have 3 internet network connection on the load balancer
#1 official load balancer (where the webserver dns is pointed to) eth0 #2 eth1, which will have a tun? to connect to a geographical web server #2 eth2, which is the same as eth1, but a different web server.
so naturally, I need to do an LVS-NAT, BUT. can I have tunneling with that as well? And as far as I know, I don't have to worry about the arp...
William
On Jan 3, 2008 6:48 PM, Anup Shukla anup.shkl@gmail.com wrote:
William Ottley wrote:
i'm trying to setup LVS, and tried both the lvs-dr and the lvs-nat, but can't get any to work.
LVS-DR did work for me partially, as-in it did not load balance. But i am sure it was a mistake on my part. Still have to find time and test it.
#1 with regards to the Real Servers, is there anything that needs to be configured other that the http service? I ask this, because I suspect yes, and it has to do with what type of LVS you have:
The http service + firewall rules (if applicable)
1a) lvs-dr: on the RIP of the web servers, create an lo:0 and assign the VIP to it
Yes.
1b ) lvs-nat: on the RIP of the web servers, make sure the default gw points to the inside network card eth1
I have found that the default gw is not really a strict requirement. Worked for me with a different gw too, but i cannot stamp a confirmation on that. Got to recheck... just in case.
1b) lvs-nat: on the LVS, with 2 nics, eth1 (private where web servers are located): 192.168.0.100, and create a nat gateway of 192.168.0.254, where the real web servers gw is, and make it eth1:1
Looks Good.
how do I go about getting diagnostic info from all this? pulse? i can't connect at all to any of the web servers..
- Are real servers accessible from lvs (ping/arp -n?)
- Does telnet to port 80 (or the one to which http server is listening
to) on real server from lvs work?
if #1 == yes and #2 == no, it might be the firewall on the real servers.
-- Regards Anup Shukla
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos