Using LVS to replace Netscaler Load Balancer

Bill Omer bill.omer at gmail.com
Wed Jan 17 03:12:54 GMT 2007 

> Thanks for your response Bill.
> Just to clarify a few points. You need the iptables magic with your setup
> because you're using LVS-DR, but the DIP's and RIP's are not on the same
> subnet, so it's not as simple as rewriting the MAC and leaving putting the
> packet on the wire?
>
> If so, I'll get to work on upping my iptables foo.
>
> Philip


Hi Philip

To clerify, in my setup the VIP, RIP and CIP are all on the same
subnet.  When a packet comes in to the RIP, assuming the RIP is bound
to a Linux server, the OS will drop the packet if the DEST is not
equal to any IP address that are bound to any interfaces on the
server.  There has to be configuration done on the real server in
order for the OS to accept that packet.   This is one big difference
between a custom LVS solution vs using a Netscaler.

To do this, you need to use iptables to accept that traffic.  See
section 17 on the LVS HOWTO

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.transparent_proxy.html

-Bill

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list