I also have a problem with this, and doing it in a generic way, without messing to much with the real-servers.
I've seen somewhere that removing the VIP ownership from the LB and using FW-mark to throw traffic at the LVS might help. I also think that LVS should be network name space aware, since that would be one way of separating the realserver and LVS, this would help when running realservers on the director so its not for your case. And when I'm still on it, anybody know's why Julians send2self patch never made it into the kernel. It is configurable per device so it should not do any harm. I'm using it myself, but a tweeked it a bit inorder to be able to send messages out on the interface owning the dest address instead of going to loopback. Very useful if you want to have a centralized Firewalling and dont want traffic between co-located applications bypass the fw. /Anders On Thu, 2010-07-01 at 16:05 +0200, Kristoffer Egefelt wrote: > Hi list > I've been working around this issue for years using split DNS, DNAT > rules which bypasses LVS etc. - now I really need this to work the > "correct" way, ie. realservers can connect to VIP's the exact same way > internet clients can. > > While Graeme Fowler's solution at: > > http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.lvs_clients_on_realservers.html#do_you_need_lvs_clients_on_the_realserver > > from 2005 probably works, it still seems (to me anyway ;) that this is > a bit long-winded when dealing with a lot of realservers and VIP's. > > If anybody have found a better / easier solution, or can recommend > which solution would be the best, I would be very interested. > All kinds of solutions will be appreciated, including buying more > interfaces, even lvs servers etc... > > Thanks :-) > > Regards > Kristoffer > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
