Putting The Configuration Together - Red Hat ENTERPRISE LINUX 5 - VIRTUAL SERVER ADMINISTRATION Manual

Chapter 3. Setting Up LVS
transparent proxy so that a real server will service packets sent to the VIP address, even though the
VIP address does not exist on the system.
The iptables method is simpler to configure than the arptables_jf method. This method also
circumvents the LVS ARP issue entirely, because the virtual IP address(es) only exist on the active
LVS director.
However, there are performance issues using the iptables method compared to arptables_jf,
as there is overhead in forwarding/masquerading every packet.
You also cannot reuse ports using the iptables method. For example, it is not possible to run two
separate Apache HTTP Server services bound to port 80, because both must bind to INADDR_ANY
instead of the virtual IP addresses.
To configure direct routing using the iptables method, perform the following steps:
1. On each real server, run the following command for every VIP, port, and protocol (TCP or UDP)
combination intended to be serviced for the real server:
iptables -t nat -A PREROUTING -p <tcp|udp> -d <vip> --dport <port> -j REDIRECT
This command will cause the real servers to process packets destined for the VIP and port that
they are given.
2. Save the configuration on each real server:
# service iptables save
# chkconfig --level 2345 iptables on
The commands above cause the system to reload the iptables configuration on bootup —
before the network is started.
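The following check is an added example, not part of the Red Hat manual: it compares a real server's saved nat rules against the VIP, port, and protocol combinations from step 1 and prints the command for each one still missing. The sample rules, the 192.0.2.10 VIP, and the function name missing_redirects are constructed for illustration.

```shell
# Added example, not from the Red Hat manual: list the REDIRECT rules a real
# server still lacks for the VIP/port/protocol combinations it should service.

# Constructed sample of `iptables-save -t nat` output (VIP is a documentation
# address). On a real server use: RULES=$(iptables-save -t nat)
SAMPLE_RULES='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j REDIRECT
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 443 -j REDIRECT
COMMIT'

# Constructed wanted list, one "<tcp|udp> <vip> <port>" per line.
SAMPLE_WANTED='tcp 192.0.2.10 80
tcp 192.0.2.10 443
udp 192.0.2.10 53'

# missing_redirects RULES WANTED
# Prints the step 1 command for every wanted combination with no matching
# PREROUTING REDIRECT rule. Exit status 2 if a protocol is not tcp or udp.
missing_redirects() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        $0 == "---" { wanted = 1; next }
        !wanted && $1 == "-A" && $2 == "PREROUTING" {
            d = p = dport = j = ""; skip = 0
            # Options may come in any order; negated or port-rewriting rules are skipped.
            for (i = 3; i < NF; i++) {
                if ($i == "-d") d = $(i + 1)
                else if ($i == "-p") p = $(i + 1)
                else if ($i == "--dport") dport = $(i + 1)
                else if ($i == "-j") j = $(i + 1)
                else if ($i == "!" || $i == "--to-ports") skip = 1
            }
            sub(/\/32$/, "", d)   # some iptables-save versions print /32
            if (j == "REDIRECT" && !skip) have[p " " d " " dport] = 1
            next
        }
        wanted && NF == 3 {
            if ($1 != "tcp" && $1 != "udp") {
                print "bad protocol: " $1 > "/dev/stderr"; bad = 1; next
            }
            if (!(($1 " " $2 " " $3) in have))
                print "iptables -t nat -A PREROUTING -p " $1 " -d " $2 " --dport " $3 " -j REDIRECT"
        }
        END { exit bad ? 2 : 0 }'
}

missing_redirects "$SAMPLE_RULES" "$SAMPLE_WANTED"
```

Run it on each real server after step 2; empty output means every listed combination already has its REDIRECT rule.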

3.3. Putting the Configuration Together

After determining which of the preceding routing methods to use, the hardware should be linked
together on the network.
Important
The adapter devices on the LVS routers must be configured to access the same networks.
For instance, if eth0 connects to the public network and eth1 connects to the private
network, then these same devices on the backup LVS router must connect to the same
networks.
Also, the gateway listed in the first interface to come up at boot time is added to the routing
table and subsequent gateways listed in other interfaces are ignored. This is especially
important to consider when configuring the real servers.
After physically connecting together the hardware, configure the network interfaces on the primary
and backup LVS routers. This can be done using a graphical application such as
system-config-network or by editing the network scripts manually. For more information about adding devices using