[lvs-users] netmask for vip?

Julian Anastasov ja at ssi.bg
Thu Jun 22 21:25:39 BST 2017


On Thu, 22 Jun 2017, linbo liao wrote:

> Thanks Julian, I  understand /32 for "lo" interface.
> But my question is VIP for director, it usually configure in other
> interface than "lo" , what's the difference between /32 and actual subnet
> of the VIP.
> In keepalived, if no netmask provide, vip will configure with /32 netmask,
> for example:
> virtual_ipaddress {
>    ; it will use /32 netmask
>    ; it will use /24 netmask
> }

	Not sure about the keepalived specifics but
in Linux there is no big difference where you configure
the VIPs on director. The only rules that apply are:

- you should have DIP (Director IP) which is more preferred
when selecting local address for outgoing traffic, eg.
add DIP/24 on eth0 before configuring VIP. Such DIP is
mandatory for TUN mode because we originate IPIP packets
from DIP.

- In Linux, VIP can be VIP/24:eth0 (same netmask as DIP),
VIP/32:eth0 or VIP/32:lo, i.e. a secondary address for the
subnet. For the first case, if DIP is somehow removed,
/proc/sys/net/ipv4/conf/eth0/promote_secondaries should
not promote VIP as primary IP in place of the DIP.

- Some setups may want to mix director and real server role,
in this case they may prefer to put some VIPs on eth0 (VIPs
used for director role) and to put other VIPs on lo (VIPs
used for real server role, eg. DR mode). Such separation
is needed when using eth0/arp_ignore=1 and eth0/arp_announce=2.

	So, in the most of the cases there should not be any
differences for the above 3 options and the IPVS tools can
use any of them to configure the VIP on lo or eth0.


Julian Anastasov <ja at ssi.bg>

More information about the lvs-users mailing list