Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux Virtual Server: Users

[lvs-users] Real servers as LVS clients

  

 
Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded


j.stubbs at linkthink

Apr 9, 2008, 12:58 AM

Post #1 of 4 (356 views)
Permalink
[lvs-users] Real servers as LVS clients
Hi all,

I'm wanting to have real servers as LVS clients using LVS-NAT on the director.
I am unable to use the internal LVS-DR method as the real servers are OpenVZ
virtual servers utilizing a PPP like network interface, hence the director
and servers aren't on the same logical network segment.

I've been scouring the LVS HOWTO, iproute2 and netfilter resources for hours
now and have still not come up with a definitive answer. The best I can come
up with is to apply the patch from below and then run squid on the director.
Is there a better way that I'm not seeing?

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.lvs_clients_on_realservers.html#carlos_solution

--
Jason Stubbs <j.stubbs[at]linkthink.co.jp>
LINKTHINK INC.
東京都渋谷区桜ヶ丘町22-14 N.E.S S棟 3F
TEL 03-5728-4772 FAX 03-5728-4773

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Apr 9, 2008, 7:27 AM

Post #2 of 4 (331 views)
Permalink
Re: [lvs-users] Real servers as LVS clients [In reply to]
On Wed, 9 Apr 2008, Jason Stubbs wrote:


> The best I can come
up with is to apply the patch from below and then run squid on the director.
Is there a better way that I'm not seeing?

this is as good as it gets. LVS wasn't designed to do this.
It would be nice to have, but we don't have it.

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


j.stubbs at linkthink

Apr 10, 2008, 1:00 AM

Post #3 of 4 (329 views)
Permalink
Re: [lvs-users] Real servers as LVS clients [In reply to]
On Wednesday 09 April 2008 23:27:24 Joseph Mack NA3T wrote:
> On Wed, 9 Apr 2008, Jason Stubbs wrote:
> > The best I can come up with is to apply the patch from below and then run
> > squid on the director. Is there a better way that I'm not seeing?
>
> this is as good as it gets. LVS wasn't designed to do this.
> It would be nice to have, but we don't have it.

Moving ip_vs_in to the end of POSTROUTING and moving ip_vs_out to the start of
PREROUTING as in the attached patch seems to work and lets me do what I want.
LVS-NAT and SNAT are working both independently and in conjunction to allow
connections to VIPs from anywhere.

I haven't tested LVS-DR, LVS-TUN or localnode (although I think localnode
should still work) and am not so worried if they don't work. Are there any
other issues likely to arise with this patch? Is there any reason why LVS
didn't hook into (or near) those places in the first place?

I understand that it'll likely never be accepted because it'd break pretty
much every existing installation (VIP on an interface would not make it to
IPVS)... I'm just wondering if there's any gotchas I might not be seeing
before I decided to put it into production.

--
Jason Stubbs <j.stubbs[at]linkthink.co.jp>
LINKTHINK INC.
東京都渋谷区桜ヶ丘町22-14 N.E.S S棟 3F
TEL 03-5728-4772 FAX 03-5728-4773
Attachments: ip_vs_core.patch (3.51 KB)


j.stubbs at linkthink

Apr 10, 2008, 1:20 AM

Post #4 of 4 (331 views)
Permalink
Re: [lvs-users] Real servers as LVS clients [In reply to]
On Thursday 10 April 2008 17:00:49 Jason Stubbs wrote:
> On Wednesday 09 April 2008 23:27:24 Joseph Mack NA3T wrote:
> > On Wed, 9 Apr 2008, Jason Stubbs wrote:
> > > The best I can come up with is to apply the patch from below and then
> > > run squid on the director. Is there a better way that I'm not seeing?
> >
> > this is as good as it gets. LVS wasn't designed to do this.
> > It would be nice to have, but we don't have it.
>
> Moving ip_vs_in to the end of POSTROUTING and moving ip_vs_out to the start
> of PREROUTING as in the attached patch seems to work and lets me do what I
> want. LVS-NAT and SNAT are working both independently and in conjunction to
> allow connections to VIPs from anywhere.

Well, SNAT works independently and LVS-NAT works in conjuction with SNAT but
LVS-NAT isn't working on its own. I'll look into this and try and fix it, but
the questions below still stand. :)

> I haven't tested LVS-DR, LVS-TUN or localnode (although I think localnode
> should still work) and am not so worried if they don't work. Are there any
> other issues likely to arise with this patch? Is there any reason why LVS
> didn't hook into (or near) those places in the first place?
>
> I understand that it'll likely never be accepted because it'd break pretty
> much every existing installation (VIP on an interface would not make it to
> IPVS)... I'm just wondering if there's any gotchas I might not be seeing
> before I decided to put it into production.

--
Jason Stubbs <j.stubbs[at]linkthink.co.jp>
LINKTHINK INC.
$BEl5~ET=BC+6h:y%v5VD.(B22-14 N.E.S S$BEo(B 3F
TEL 03-5728-4772 FAX 03-5728-4773

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users[at]LinuxVirtualServer.org
Send requests to lvs-users-request[at]LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact lists@gossamer-threads.com
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.