Hi, guys!
Here is a somewhat short manual on how to set up Zen for L4 DNAT load
balancing. There is not much information available on how to do it properly
and I have a very limited knowledge of Linux systems (I'm a Windows guy;
last time I worked with Unix/Linux systems was in 1998 on FreeBSD), so some
steps might be different. I hope one day it all will be
integrated/automated/simplified.
Comments and corrections are welcome!
So, here is my environment:
My network gateway: 10.10.0.254
The idea is to have a web farm run on a different subnet, but also have
access to each server individually from my network (10.10.0.xxx). All
networks are connected to the same switch.
Web 1: 10.10.0.71 (no default gateway), 172.168.0.1 (GW: 172.168.0.254)
Web 2: 10.10.0.72 (no default gateway), 172.168.0.2 (GW: 172.168.0.254)
Web 3: 10.10.0.73 (no default gateway), 172.168.0.3 (GW: 172.168.0.254)
Install Zen on Hyper-V. Add 2 legacy network adapters.
During Zen setup set eth0: 10.10.0.80 -> this will be IP for Zen management
(https://10.10.0.80:444), default GW: 10.10.0.254
Once Zen is installed (make sure you remember the root password!), log in to the web
interface and set in settings/interfaces:
* eth1 - 172.168.0.254 (this will be a gateway for backend computers)
* eth0:1 - 10.10.0.70 (this is farm IP)
Once it is all set, you should be able to ping the gateway IP 172.168.0.254
from the web servers, and the web servers should be able to ping each other at 172.168.0.x.
Also, you should be able to ping 10.10.0.254 and any computer on that network as well.
Now, make a farm with IP 10.10.0.70, l4xnat profile, DNAT, no IP persistence.
Add web sites: 172.168.0.1, 172.168.0.2, 172.168.0.3
From this point you should be able to go to 10.10.0.70 with your web browser
and hit any of your web servers. With DNAT you should be able to get source
IP as well.
To let your web servers reach the internet, you will need a trick:
- In Hyper-V, open the Zen machine
- You will see a login screen. Log in as: root, password: your root password from installation
- Type: vi /etc/rc.local
- Right before the line: exit 0, type: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- To save and exit type: :wq
Now, you should be able to access Internet from web servers.
Important! You should address this error for ASP.NET web farm and load
balancer:
Validation of viewstate MAC failed. If this application is hosted by a Web
Farm or cluster, ensure that <machineKey> configuration specifies the same
validationKey and validation algorithm. AutoGenerate cannot be used in a
cluster.
You can get this error if you have a submit button that was rendered on web1
but the 'submit' went to web2. You can read more about it here:
http://www.hackandsecure.com/2010/07/07/solution-for-validation-of-viewstate-mac-failed/
My preferred solution is just to make the machine key the same for each copy of the
website. In web.config, in system.web, add a machineKey key. You can generate
it from here:
http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx
IP persistence does not work for me because I want all requests to be evenly
balanced between servers.
That is basically all you need to run ZLB for ASP.NET web farm.
Happy coding!
Dima
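
Added example, not part of the original post: a Python sketch that generates a machineKey element locally, so the key material never passes through a third-party site, and checks that every backend's web.config carries the same explicit key. The helper names, the sample configs and the choice of HMACSHA256/AES (which assumes ASP.NET 4.0 or later) are assumptions.

```python
import secrets
import xml.etree.ElementTree as ET

ATTRS = ("validationKey", "decryptionKey", "validation", "decryption")

def new_machine_key() -> str:
    """Return a <machineKey> element built from locally generated random keys."""
    validation_key = secrets.token_hex(32).upper()  # 32 random bytes for HMACSHA256
    decryption_key = secrets.token_hex(32).upper()  # 32 random bytes for AES
    return (f'<machineKey validationKey="{validation_key}" '
            f'decryptionKey="{decryption_key}" '
            'validation="HMACSHA256" decryption="AES" />')

def machine_key_of(web_config_xml: str):
    """Return the machineKey attributes of one web.config, or None if absent."""
    node = next(ET.fromstring(web_config_xml).iter("machineKey"), None)
    return None if node is None else tuple(node.get(a, "") for a in ATTRS)

def check_farm(configs: dict) -> list:
    """List the servers whose machineKey would break cross-server viewstate."""
    problems, reference = [], None
    for name, xml_text in sorted(configs.items()):
        key = machine_key_of(xml_text)
        if key is None:
            problems.append(f"{name}: no machineKey element, keys are auto-generated")
        elif any(not k or "AutoGenerate" in k for k in key[:2]):
            problems.append(f"{name}: AutoGenerate cannot be used in a farm")
        elif reference is None:
            reference = key  # first explicit key becomes the reference
        elif key != reference:
            problems.append(f"{name}: machineKey differs from the other servers")
    return problems

def wrap(machine_key_xml: str) -> str:
    """Constructed minimal web.config around a machineKey element."""
    return f"<configuration><system.web>{machine_key_xml}</system.web></configuration>"

if __name__ == "__main__":
    shared = new_machine_key()
    farm = {  # constructed sample: web3 was left on the ASP.NET default
        "web1": wrap(shared),
        "web2": wrap(shared),
        "web3": wrap('<machineKey validationKey="AutoGenerate,IsolateApps" '
                     'decryptionKey="AutoGenerate,IsolateApps" />'),
    }
    print(shared)
    for line in check_farm(farm):
        print(line)
```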
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support