Better explanation of my question..

Michael T. Halligan michael at halligan.org
Tue Oct 29 17:55:42 GMT 2002


I have an lvs server that also needs to be an SSL proxy..

My first idea was to use 2 external ip addresses, have
one of them proxypass to the other external ip address.. And
have that other ip address be the ip address that LVS sits on.

That doesn't seem to work because of my nat configuration, my internal
box can't talk to that external Ip address.

My second idea was to have

EXTERNAL_IP 1 
Proxypass to an internal ip address :
192.168.1.20 which would loadbalance to realservers
192.168.2.54 and .55

And have my realservers use 192.168.2.1 as a gateway. 

The problem is I don't have enough Nics.. 

 I have 2 NICS .. 
Can I put

EXTERNAL_IP on eth0
192.168.1.1 and .20 on eth1
192.168.2.1 on eth1:1 ? 

Will that work? That's what I'm trying now, and it doesn't seem to work..
>From the machine I can telnet to 192.168.2.54 and .55 port 80 and it works,
but when I try telnetting to the load balanced IP, It doesn't work : 

# ipvsadm

IP Virtual Server version 1.0.6 (size=65536)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.1.20:http rr
  -> app2:http                    Masq    1      0          0         
  -> app1:http                    Masq    1      0          0         
  -> localhost.localdomain:http   Local   0      0

Trying 192.168.1.20...
telnet: connect to address 192.168.1.20: Connection refused
[root at lb1 ha.d]# 


So what do I have to do to be able to telnet to  make this work? Do I need
a second level of load balancers? If so, that's pretty cheesy. Is this 
a limitation of having multiple networks routing on one ethernet device?





More information about the lvs-users mailing list