Direct Routing And Iptables - Red Hat ENTERPRISE LINUX 5 - VIRTUAL SERVER ADMINISTRATION Manual

However, using the arptables_jf method, VIPs cannot be configured to start on boot using
standard Red Hat Enterprise Linux system configuration tools.
To configure each real server to ignore ARP requests for each virtual IP address, perform the
following steps:
1. Create the ARP table entries for each virtual IP address on each real server (the real_ip is the IP
the director uses to communicate with the real server; often this is the IP bound to eth0):
arptables -A IN -d <virtual_ip> -j DROP
arptables -A OUT -d <virtual_ip> -j mangle --mangle-ip-s <real_ip>
This will cause the real servers to ignore all ARP requests for the virtual IP addresses, and change
any outgoing ARP responses which might otherwise contain the virtual IP so that they contain the
real IP of the server instead. The only node that should respond to ARP requests for any of the
VIPs is the current active LVS node.
2. Once this has been completed on each real server, save the ARP table entries by typing the
following commands on each real server:
service arptables_jf save
chkconfig --level 2345 arptables_jf on
The chkconfig command will cause the system to reload the arptables configuration on bootup
— before the network is started.
3. Configure the virtual IP address on all real servers using ifconfig to create an IP alias. For
example:
# ifconfig eth0:1 192.168.76.24 netmask 255.255.252.0 broadcast 192.168.79.255 up
Or using the iproute2 utility ip, for example:
# ip addr add 192.168.76.24 dev eth0
As previously noted, the virtual IP addresses cannot be configured to start on boot using the Red
Hat system configuration tools. One way to work around this issue is to place these commands in
/etc/rc.d/rc.local.
4. Configure Piranha for Direct Routing. Refer to Chapter 4, Configuring the LVS Routers with
Piranha Configuration Tool for more information.
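
Steps 1 to 3 above, collected into one dry-run script for a real server. This is an added example, not part of the Red Hat manual; the function names, the LVS_RUN switch and the real IP 192.168.76.10 are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: steps 1-3 for one real server, dry-run unless LVS_RUN=1.
# valid_ipv4, dr_real_server and LVS_RUN are names made up for this example.

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: dr_real_server REAL_IP IFACE VIP...
dr_real_server() {
    [ $# -ge 3 ] || { echo "usage: dr_real_server REAL_IP IFACE VIP..." >&2; return 2; }
    real_ip=$1; iface=$2; shift 2
    valid_ipv4 "$real_ip" || { echo "bad real IP: $real_ip" >&2; return 2; }
    # Validate every VIP first so a typo cannot leave the ARP table half set up.
    for vip in "$@"; do
        valid_ipv4 "$vip" || { echo "bad VIP: $vip" >&2; return 2; }
        # A DROP rule for the real IP would stop ARP replies for the server itself.
        [ "$vip" != "$real_ip" ] || { echo "VIP equals real IP: $vip" >&2; return 2; }
    done
    if [ "${LVS_RUN:-0}" = 1 ]; then run=""; else run="echo"; fi
    # Step 1: ARP rules go in before the VIP exists on the interface, so the
    # real server never answers ARP for it.
    for vip in "$@"; do
        $run arptables -A IN -d "$vip" -j DROP
        $run arptables -A OUT -d "$vip" -j mangle --mangle-ip-s "$real_ip"
    done
    # Step 2: persist the rules and restore them at boot.
    $run service arptables_jf save
    $run chkconfig --level 2345 arptables_jf on
    # Step 3: bind each VIP to the interface.
    for vip in "$@"; do
        $run ip addr add "$vip" dev "$iface"
    done
}

# Constructed sample: VIP from the text above, real IP invented for the demo.
LVS_RUN=0 dr_real_server 192.168.76.10 eth0 192.168.76.24
```

Run it once per real server. Because step 2 makes arptables_jf restore the rules at boot, only the printed ip addr add lines belong in /etc/rc.d/rc.local.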

3.2.2. Direct Routing and iptables

You may also work around the ARP issue using the direct routing method by creating iptables
firewall rules. To configure direct routing using iptables, you must add rules that create a
