Table of Contents
Advertisement
Chapter 1. Linux Virtual Server Overview
it is handled according to the scheduling rules in place.
Persistence also allows the administrator to specify a subnet mask to apply to the client IP
address test as a tool for controlling what addresses have a higher level of persistence, thereby
grouping connections to that subnet.
Grouping connections destined for different ports can be important for protocols which use more
than one port to communicate, such as FTP. However, persistence is not the most efficient way
to deal with the problem of grouping together connections destined for different ports. For these
situations, it is best to use firewall marks.
5.2. Firewall Marks
Firewall marks are an easy and efficient way to a group ports used for a protocol or group of
related protocols. For instance, if LVS is deployed to run an e-commerce site, firewall marks can
be used to bundle HTTP connections on port 80 and secure, HTTPS connections on port 443.
By assigning the same firewall mark to the virtual server for each protocol, state information for
the transaction can be preserved because the LVS router forwards all requests to the same real
server after a connection is opened.
Because of its efficiency and ease-of-use, administrators of LVS should use firewall marks
instead of persistence whenever possible for grouping connections. However, administrators
should still add persistence to the virtual servers in conjunction with firewall marks to ensure the
clients are reconnected to the same server for an adequate period of time.
6. LVS — A Block Diagram
LVS routers use a collection of programs to monitor cluster members and cluster services.
Figure 1.5, "LVS Components"
illustrates how these various programs on both the active and
backup LVS routers work together to manage the cluster.
12
Advertisement
Table of Contents
