Direct Routing And Arptables_Jf - Red Hat LINUX VIRTUAL SERVER - FOR ENTERPRISE LINUX 5.2 REV 05-2008 Manual

Linux virtual server (lvs) for red hat enterprise linux 5.2

the incoming requests and perform load-balancing for the real servers, the real servers do
not need to be Linux machines to function correctly. The LVS routers need one or two NICs
each (depending on whether there is a back-up router). You can use two NICs for ease of
configuration and to distinctly separate traffic — incoming requests are handled by one NIC
and routed packets to real servers on the other.
Since the real servers bypass the LVS router and send outgoing packets directly to a client,
a gateway to the Internet is required. For maximum performance and availability, each real
server can be connected to its own separate gateway which has its own dedicated
connection to the carrier network to which the client is connected (such as the Internet or an
intranet).
Software
There is some configuration outside of Piranha Configuration Tool that needs to be done,
especially for administrators facing ARP issues when using LVS via direct routing. Refer to
Section 2.1, "Direct Routing and arptables_jf" or Section 2.2, "Direct Routing and iptables"
for more information.

2.1. Direct Routing and arptables_jf
In order to configure direct routing using arptables_jf, each real server must have their virtual
IP address configured, so they can directly route packets. ARP requests for the VIP are ignored
entirely by the real servers, and any ARP packets that might otherwise be sent containing the
VIPs are mangled to contain the real server's IP instead of the VIPs.
Using the arptables_jf method, applications may bind to each individual VIP or port that the
real server is servicing. For example, the arptables_jf method allows multiple instances of
Apache HTTP Server to be running bound explicitly to different VIPs on the system. There are
also significant performance advantages to using arptables_jf over the iptables option.
However, using the arptables_jf method, VIPs can not be configured to start on boot using
standard Red Hat Enterprise Linux system configuration tools.
To configure each real server to ignore ARP requests for each virtual IP address, perform the
following steps:
1. Create the ARP table entries for each virtual IP address on each real server (the real_ip is
the IP the director uses to communicate with the real server; often this is the IP bound to
eth0):
arptables -A IN -d <virtual_ip> -j DROP
arptables -A OUT -d <virtual_ip> -j mangle --mangle-ip-s <real_ip>
This will cause the real servers to ignore all ARP requests for the virtual IP addresses, and
change any outgoing ARP responses which might otherwise contain the virtual IP so that
they contain the real IP of the server instead. The only node that should respond to ARP
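
The rule pair from step 1, generated for several virtual IPs at once, as an added example that is not part of the Red Hat manual. The function names gen_arp_rules and valid_ipv4 and the sample addresses are assumptions made for illustration; the script only prints the commands so they can be reviewed before being run as root on the real server.

```shell
#!/bin/sh
# Added example (not Red Hat tooling): print the step 1 rules for a real server.
# gen_arp_rules / valid_ipv4 are hypothetical names; addresses are constructed.

# valid_ipv4 ADDR: succeeds only for a dotted quad with every octet in 0-255.
# The body is a subshell so the IFS change cannot leak into the caller.
valid_ipv4() (
    case "$1" in
        ''|.*|*.|*..*|*[!0-9.]*) exit 1 ;;   # empty, stray dots, or non-digits
    esac
    IFS=.
    set -- $1                                # split the address on dots
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# gen_arp_rules REAL_IP VIP...: print the IN/OUT rule pair for each VIP.
# Every argument is validated before anything is printed, so a typo never
# produces a partial rule set and no shell metacharacter reaches the output.
gen_arp_rules() {
    if [ "$#" -lt 2 ]; then
        echo "usage: gen_arp_rules <real_ip> <virtual_ip>..." >&2
        return 2
    fi
    real_ip=$1
    shift
    valid_ipv4 "$real_ip" || { echo "invalid real_ip: $real_ip" >&2; return 1; }
    for vip in "$@"; do
        valid_ipv4 "$vip" || { echo "invalid virtual_ip: $vip" >&2; return 1; }
        # If the VIP were used as the mangle source, replies would still carry it.
        [ "$vip" != "$real_ip" ] || { echo "VIP equals real_ip: $vip" >&2; return 1; }
    done
    for vip in "$@"; do
        echo "arptables -A IN -d $vip -j DROP"
        echo "arptables -A OUT -d $vip -j mangle --mangle-ip-s $real_ip"
    done
}

# Constructed sample: one real server address, two virtual IPs.
gen_arp_rules 192.168.1.10 10.0.0.100 10.0.0.101
```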
