[lvs-users] problem accessing realservers through VIP
L.S. Keijser
leon at linux.nl
Fri Jul 16 21:50:57 BST 2010
On Fri, 2010-07-16 at 17:11 +0900, Simon Horman wrote:
> I think that you have hit a known limitation which is that LVS can't
> load-balance requests from a real-sever when LVS-NAT is in use.
> Well, not without a work-around.
>
> There was a recent discussion of this on this list[1]
> And there is also a discussion of the problem and work-arounds
> in the HOWTO[2]. As stated in that thread, my personal feeling
> is that this problem can be resolved with full-nat support which
> I am currently trying to get merged[3]
>
> [1] http://archive.linuxvirtualserver.org/html/lvs-users/2010-07/msg00000.html
> [2] http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.lvs_clients_on_realservers.html#lvs_clients_on_LVS-NAT_realserver_contacting_services_on_VIP
> [3] http://thread.gmane.org/gmane.comp.security.firewalls.netfilter.devel/34529
Hi Simon,
Thanks for the (quick) reply! I think the best solution in this
situation would be full-nat, as the most other workarounds rely on the
realservers being able to connect to eachother using the RIP, which is
prohibited in our vlan policy :(
Since we're kind of in a hurry, i'm going to move one VIP onto a second
director to avoid this problem (for now). Found out today that was an
option as well in our setup.
Thanks!
Léon
More information about the lvs-users
mailing list