[lvs-users] Connecting to VIP from Real Servers
stephenamadei at hotmail.com
Wed Aug 20 21:05:32 BST 2008
That's the interesting rub with my setup... the realserver and database are not on the same network, as they are on separate vlans. Both real servers, both load balancers and the switch in between all this are vlan'd. The four Linux servers use 802.1q trunks.
18.104.22.168        VIP 22.214.171.124 for http port        126.96.36.199
LB1------------------188.8.131.52 for mysql port------------------LB2
10.0.1.2 vlan 100    vlan 100 GW: 10.0.1.1                   10.0.1.3 vlan 100
10.0.2.2 vlan 200    vlan 200 GW: 10.0.2.1                   10.0.2.3 vlan 200

Real Server 1                        Real Server 2
10.0.1.11 listen http vlan 100       10.0.1.12 listen http vlan 100
10.0.2.11 listen mysql vlan 200      10.0.2.12 listen mysql vlan 200

All networks are /24s.
As best as I understand... Both Real Servers are configured to use the 184.108.40.206 mysql server. Packet 10.0.1.11->220.127.116.11 via 10.0.1.1. I assume this gets NAT'd as 18.104.22.168. The LB forwards this to one of the real mysql servers. 22.214.171.124->10.0.2.2, but the dest is the NAT address 126.96.36.199. It does its work and sends the packet back... 10.0.2.2->188.8.131.52 via 10.0.2.1. Then it gets unNAT'd back to the real server...
Of course, this doesn't work.
I think the problem is that my NAT rule is not working due to the packet coming from the inner interface... but I am likely wrong. ;-)
> From: daniel.watson at myra.com
> To: stephenamadei at hotmail.com
> Date: Wed, 20 Aug 2008 11:46:48 -0700
> Subject: Re: [lvs-users] Connecting to VIP from Real Servers
>
> >>I assume you have some sort of web application that uses a database. Why
> >>not have your both RS web apps using a MySQL connection to localhost.
> >>Then you modify UltraMonkey to use not a simple tcp check, but a much
> >>deeper app-level check, that check as well the db connection. In case of
> >>an issue with the DB, the RS will be de-activated, and will only remain
> >>the RS that has a healthy DB connection.
>
> >Actually, that is what I am running right now... but I really wanted to
> >be able to run MySQL separate from HTTP... just in case I end up with a
> >situation where HTTP is broken on server A and MySQL is broken on server
> >B.
> >
> >Stephen
>
> This is probably a routing issue.
> From outside your network the data path looks like
> Client -> vip -> loadbalancer -> realserver -> database
> Client <- vip <- LB <- Realserver <- database
> When you try to load balance the database server it goes like this
>
> Client -> vip -> LB -> RS -> vip -> LB -> Database
> Client x vip x lb x RS <- database
>
> Since the realserver and database are on the same network the database is sending directly
> to the realserver. While the realserver is expecting a reply from the vip.
> So this cannot work with nat, and probably not work with most other configs.
> They all rely on the load balancer being the man in the middle to twiddle the packets.
>
> -dan
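
Added example, not part of the original thread: a small Python model of the return path dan describes, using the 10.0.x.x addresses from the diagram above. The MySQL VIP (192.0.2.10), the outside client address and Real Server 2's routing table are assumptions, and the helper names are hypothetical.

```python
import ipaddress

ip, net = ipaddress.ip_address, ipaddress.ip_network

# Constructed placeholder: the VIP on the page is not recoverable, so a
# documentation-range address stands in for the MySQL VIP.
VIP = ip("192.0.2.10")
WEB_RS = ip("10.0.1.11")        # Real Server 1, vlan 100 (from the page)
DB_RS = ip("10.0.2.12")         # Real Server 2, vlan 200 (from the page)
DIRECTOR_GW = ip("10.0.2.1")    # "GW: 10.0.2.1" on vlan 200 (from the page)
OUTSIDE_CLIENT = ip("198.51.100.7")  # constructed external client

# Assumed routing table of Real Server 2: both /24s are directly connected
# (it owns 10.0.1.12 and 10.0.2.12); default route via the director.
DB_ROUTES = [
    (net("10.0.1.0/24"), None),         # connected, vlan 100
    (net("10.0.2.0/24"), None),         # connected, vlan 200
    (net("0.0.0.0/0"), DIRECTOR_GW),    # everything else goes back via the LB
]

def next_hop(routes, dst):
    """Longest-prefix match; None means 'deliver directly on a connected link'."""
    matches = [(n, gw) for n, gw in routes if dst in n]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(client, routes):
    """Follow one MySQL connection client -> VIP through LVS-NAT and back."""
    expected_src = VIP                    # the client's socket connected to the VIP
    nat_table = {(client, DB_RS): VIP}    # director DNATs VIP -> DB_RS and remembers it
    reply_src, reply_dst = DB_RS, client  # real server answers from its own address
    via_director = next_hop(routes, reply_dst) == DIRECTOR_GW
    if via_director:
        # Only a reply that transits the director gets its source rewritten.
        reply_src = nat_table[(reply_dst, reply_src)]
    return {
        "via_director": via_director,
        "reply_src": str(reply_src),
        "accepted": reply_src == expected_src,  # mismatch -> no matching socket
    }

if __name__ == "__main__":
    print("outside client :", trace(OUTSIDE_CLIENT, DB_ROUTES))
    print("real server 1  :", trace(WEB_RS, DB_ROUTES))
```

On a live system the same mismatch shows up in a packet capture on the client's interface as replies sourced from the real server's own address instead of the VIP.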