Hello, I just configured an environment of two LVS servers with three real servers, and it works fine ... in the same network. When we try to access the web server through the virtual IP from another network, suddenly it doesn't work, this noted in the fact that we can't access the VIP, but it still works in the same network. But, if I shutdown one of the servers, it works perfectly.
My configuration is Direct Routing. My doubt is in the ARP configuration. I read on section 6.8 at http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.arp_problem.html that the following commands must be executed to properly configure arptables on every real server: # arptables -A IN -d $VIP -j DROP # arptables -A OUT -s $VIP -j mangle --mangle-ip-s $RIP But looking at RedHat documentation (I'm working with RHEL servers) mentions on section 3.2.1 at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/Virtual_Server_Administration/s1-lvs-direct-VSA.html#s2-lvs-direct-arptables-VSA that the configuration to use is: arptables -A IN -d <virtual_ip> -j DROP arptables -A OUT -d <virtual_ip> -j mangle --mangle-ip-s <real_ip> So ... Austintek uses the VIP as a source on the OUT chain, but RedHat uses it as a destiny. Can anyone tell me what is the right configuration? And could it be the cause of my problem, not being able to access my balancers with three real servers from outside the network? Funny thing is, both configurations seem to work the same way, which one is correct? Thanks in advance. Israel. _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users