[lvs-users] Connecting to VIP from Real Servers

Stephen Amadei stephenamadei at hotmail.com
Wed Aug 20 21:05:32 BST 2008

That's the interesting rub with my setup... the realserver and database are not on the same network, as they are on separate vlans.  Both real servers, both load balancers and the switch in between all this are vlan'd.  The four Linux servers use 802.1q trunks.
To diagram...

                                  |
                          VIP for http port
      LB1-----------------  for mysql port  -----------------LB2
    vlan 100                vlan 100 GW:                   vlan 100
    vlan 200                vlan 200 GW:                   vlan 200
       |                                                      |
       ----------------------Cisco 2950-----------------------
       |                                                      |
       |                                                      |
  Real Server 1                                         Real Server 2
  listen http vlan 100                                  listen http vlan 100
  listen mysql vlan 200                                 listen mysql vlan 200

All networks are /24s.
As best as I understand...  Both Real Servers are configured to use the mysql server.  Packet> via  I assume this gets NAT'd as  The LB forwards this to one of the real mysql servers.>, but the dest is the NAT address  It does its work and sends the packet back...> via  Then it gets unNAT'd back to the real server...>
Of course, this doesn't work.
I think the problem is that my NAT rule is not working due to the packet coming from the inner interface... but I am likely wrong.  ;-)
> From: daniel.watson at myra.com
> To: stephenamadei at hotmail.com
> Date: Wed, 20 Aug 2008 11:46:48 -0700
> Subject: Re: [lvs-users] Connecting to VIP from Real Servers
>
> >>I assume you have some sort of web application that uses a database. Why
> >>not have your both RS web apps using a MySQL connection to localhost.
> >>Then you modify UltraMonkey to use not a simple tcp check, but a much
> >>deeper app-level check, that check as well the db connection. In case of
> >>an issue with the DB, the RS will be de-activated, and will only remain
> >>the RS that has a healthy DB connection.
>
> >Actually, that is what I am running right now... but I really wanted to
> >be able to run MySQL separate from HTTP... just in case I end up with a
> >situation where HTTP is broken on server A and MySQL is broken on server
> >B.
> >
> >Stephen
>
> This is probably a routing issue.
> From outside your network the data path looks like
> Client -> vip -> loadbalancer -> realserver -> database
> Client <- vip <- LB <- Realserver <- database
> When you try to load balance the database server it goes like this
>
> Client -> vip -> LB -> RS -> vip -> LB -> Database
> Client x vip x lb x RS <- database
>
> Since the realserver and database are on the same network the database is sending directly
> to the realserver. While the realserver is expecting a reply from the vip.
> So this cannot work with nat, and probably not work with most other configs.
> They all rely on the load balancer being the man in the middle to twiddle the packets.
>
> -dan
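
The reply path described in the quoted message, modelled as an added example (not code from this thread or from the LVS project). All addresses are constructed from documentation ranges because the post's own addresses did not survive in the archive, and the function names are hypothetical.

```python
import ipaddress

# Constructed addresses (documentation ranges); not the poster's real ones.
VIP = "192.0.2.100"        # assumed VIP for the mysql port
DIRECTOR = "192.0.2.1"     # assumed director address on the database network
DB = "192.0.2.12"          # assumed real server running MySQL
DB_NET = ipaddress.ip_network("192.0.2.0/24")

def director_dnat(pkt, conntrack):
    """LVS-NAT inbound leg: rewrite dst VIP -> real server, remember the flow."""
    src, dst = pkt
    if dst != VIP:
        raise ValueError("not addressed to the VIP")
    conntrack.add((src, DB))
    return (src, DB)

def db_reply(pkt, db_gateway):
    """The database answers the source it saw; routing picks the next hop."""
    src, _dst = pkt
    on_link = ipaddress.ip_address(src) in DB_NET
    next_hop = src if on_link else db_gateway
    return (DB, src), next_hop

def director_unnat(reply, conntrack):
    """Return leg: only flows seen inbound get src rewritten back to the VIP."""
    src, dst = reply
    return (VIP, dst) if (dst, src) in conntrack else reply

def connect_via_vip(client, db_gateway=DIRECTOR):
    """Trace one connection attempt from `client` to the VIP."""
    conntrack = set()
    fwd = director_dnat((client, VIP), conntrack)
    reply, next_hop = db_reply(fwd, db_gateway)
    via_director = next_hop == DIRECTOR
    if via_director:
        reply = director_unnat(reply, conntrack)
    # The client's socket expects the VIP as peer; another source does not match it.
    return {"via_director": via_director, "reply_src": reply[0],
            "accepted": reply[0] == VIP}

if __name__ == "__main__":
    cases = [("same network as database", "192.0.2.11", DIRECTOR),
             ("other network, gateway is director", "198.51.100.11", DIRECTOR),
             ("other network, gateway is another router", "198.51.100.11", "192.0.2.254")]
    for label, client, gw in cases:
        print(f"{label}: {connect_via_vip(client, gw)}")
```

In this model the connection succeeds only when the database's reply is routed back through the director, which is the condition the quoted reply describes.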