Actually, I did something and now MASQUERADE does not work whatever I'm
trying to do.

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE 

 

My workaround is very simple: install an HTTP proxy server in your network.
This is the one I use for Windows:

http://www.handcraftedsoftware.org/ - FreeProxy

 

But I would really like to know how to set up a simple proxy server on Linux
(I'm trying to reduce Windows machines in my Hyper-V environment as they
consume too much memory and HDD space (min installation for Windows 2012
server datacenter with all recent patches is 20 GB, Linux can fit easily in
1 GB)).

 

Dima

 

 

From: Emilio Campos [mailto:[email protected]] 
Sent: Monday, December 9, 2013 2:30 PM
To: [email protected]
Subject: Re: [Zenloadbalancer-support] How to set up L4 DNAT with asp.net
web farm on ZLB 3.03

 

Very interesting HOWTO, thanks for your contribution



In ZLB v3.03 there is a new property, files where you can add your own
commands:

/usr/local/zenloadbalancer/config/zlb-stop

/usr/local/zenloadbalancer/config/zlb-start

Regarding your HOWTO:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

This iptables line can be added to
/usr/local/zenloadbalancer/config/zlb-start. All you include in this file
will be executed in "/etc/init.d/zenloadbalancer start", once the interfaces
are UP.

 

Regards



 

2013/12/6 Dima Polyakov <[email protected]>

Hi, guys!

 

Here is a somewhat short manual on how to set up Zen as L4 DNAT load
balancing. There is not much information available on how to do it properly
and I have a very limited knowledge of Linux systems (I'm a Windows guy;
last time I worked with Unix/Linux systems was in 1998 on FreeBSD), so some
steps might be different. I hope one day it all will be
integrated/automated/simplified.

 

Comments and corrections are welcome!

 

So, here is my environment:

My network gateway: 10.10.0.254

The idea is to have a web farm run on a different subnet, but also have
access to each server individually from my network (10.10.0.xxx). All
networks are connected to the same switch.

Web 1: 10.10.0.71 (no default gateway), 172.168.0.1 (GW: 172.168.0.254)

Web 2: 10.10.0.72 (no default gateway), 172.168.0.2 (GW: 172.168.0.254)

Web 3: 10.10.0.73 (no default gateway), 172.168.0.3 (GW: 172.168.0.254)

 

Install Zen on Hyper-V. Add 2 legacy network adapters.

During Zen setup set eth0: 10.10.0.80 -> this will be the IP for Zen management
(https://10.10.0.80:444), default GW: 10.10.0.254

Once Zen is installed (make sure you remember the root password!), log in to the web
interface and set in settings/interfaces:

* eth1 - 172.168.0.254 (this will be a gateway for backend computers)

* eth0:1 - 10.10.0.70 (this is farm IP)

Once it is all set, you should be able to ping the gateway IP 172.168.0.254
from the web servers, and each other by 172.168.0.x

Also, you should ping 10.10.0.254 and any computer on that network as well.

 

Now, make a farm with IP 10.10.0.70, l4xnat profile, DNAT, no IP persistence

Add web sites: 172.168.0.1, 172.168.0.2, 172.168.0.3

 

From this point you should be able to go to 10.10.0.70 with your web browser
and hit any of your web servers. With DNAT you should be able to get source
IP as well.

 

To set up an ability for your web servers to get to the internet, you will
need to make a trick:

- In Hyper-V open the Zen machine

- You will see a login screen. Login as: root, password: your root
  password from installation

- Type: vi /etc/rc.local

- Right before the line: exit 0, type:
  iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

- To save and exit type: :wq

 

Now, you should be able to access Internet from web servers.

 

Important! You should address this error for ASP.NET web
farm and load balancer:

Validation of viewstate MAC failed. If this application is hosted by a Web
Farm or cluster, ensure that <machineKey> configuration specifies the same
validationKey and validation algorithm. AutoGenerate cannot be used in a
cluster.

 

You can get this error if you have a submit button that was rendered on web1
but 'submit' went to web2. More about it you can read here:
http://www.hackandsecure.com/2010/07/07/solution-for-validation-of-viewstate-mac-failed/

 

My preferred solution is just make a machine key the same for each copy of
website. In web.config in system.web add a key machineKey. You can generate
it from here:
http://www.eggheadcafe.com/articles/GenerateMachineKey/GenerateMachineKey.aspx

IP persistence does not work for me because I want all requests to be evenly
balanced between servers.

 

That is basically all you need to run ZLB for ASP.NET web
farm.

 

Happy coding!

Dima

 


_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support




-- 
Load balancer distribution - Open Source Project
http://www.zenloadbalancer.com
Distribution list (subscribe): [email protected]
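
The MASQUERADE rule from the thread, wrapped so it can be called from both zlb-start and zlb-stop without stacking a duplicate on every restart (an added example, not part of the original messages or of ZLB). The `-s 172.168.0.0/24` source match, its /24 mask, the function names and the `IPT`, `BACKEND_NET` and `WAN_IF` variables are assumptions; the rule in the thread has no source match.

```shell
#!/bin/sh
# Added example: idempotent NAT hook for zlb-start / zlb-stop.
# Assumptions: the backend subnet is a /24; IPT may be overridden for dry runs.
IPT="${IPT:-iptables}"
BACKEND_NET="${BACKEND_NET:-172.168.0.0/24}"
WAN_IF="${WAN_IF:-eth0}"

# One rule specification shared by add and delete, so both always match.
# Only traffic sourced from the backend subnet is masqueraded.
masq_spec() {
    echo "POSTROUTING -s $BACKEND_NET -o $WAN_IF -j MASQUERADE"
}

# Delete every copy of the rule. -D removes one match per call and fails
# when none is left; the number removed is left in MASQ_REMOVED.
masq_remove() {
    MASQ_REMOVED=0
    while $IPT -t nat -D $(masq_spec) 2>/dev/null; do
        MASQ_REMOVED=$((MASQ_REMOVED + 1))
    done
}

# Clear stale copies first, then append exactly one.
masq_apply() {
    masq_remove
    $IPT -t nat -A $(masq_spec)
}

case "${1:-}" in
    start) masq_apply ;;
    stop)  masq_remove ;;
esac
```

Saved under a path of your choosing, call it with `start` from /usr/local/zenloadbalancer/config/zlb-start and with `stop` from /usr/local/zenloadbalancer/config/zlb-stop.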

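
An added example (not from the thread): generating the shared machineKey locally from /dev/urandom, so the key is never produced by a third-party web page, and checking that every copy of web.config carries the same explicit key, which is what the viewstate error quoted above asks for. The function names, the 64-byte and 32-byte key sizes and `validation="HMACSHA256"` (which needs .NET 4.0 or later) are assumptions.

```shell
#!/bin/sh
# Added example: local machineKey generation and a farm consistency check.

# N random bytes from the kernel CSPRNG, as 2N uppercase hex characters.
rand_hex() {
    od -An -N "$1" -tx1 /dev/urandom | tr -d ' \n' | tr 'a-f' 'A-F'
}

# Emit one <machineKey> element: 64-byte validation key, 32-byte AES key.
make_machine_key() {
    vkey=$(rand_hex 64); dkey=$(rand_hex 32)
    # Refuse to emit anything if the random read came up short.
    if [ ${#vkey} -ne 128 ] || [ ${#dkey} -ne 64 ]; then return 1; fi
    printf '<machineKey validationKey="%s" decryptionKey="%s" ' "$vkey" "$dkey"
    printf 'validation="HMACSHA256" decryption="AES" />\n'
}

# Print attribute $2 of the <machineKey> element in web.config file $1.
mk_attr() {
    tr '\n' ' ' < "$1" |
        sed -n "s/.*<machineKey[^>]*[[:space:]]$2=\"\([^\"]*\)\".*/\1/p"
}

# Return 0 if every file has the same explicit keys, 1 on a mismatch,
# 2 if a file has no machineKey or still uses AutoGenerate.
# Key values are compared but never printed.
farm_keys_match() {
    ref=""
    for f in "$@"; do
        cur="|$(mk_attr "$f" validationKey)|$(mk_attr "$f" decryptionKey)|"
        case "$cur" in
            *"||"*|*AutoGenerate*)
                echo "$f: machineKey missing or AutoGenerate" >&2; return 2 ;;
        esac
        cur="$cur$(mk_attr "$f" validation)"
        if [ -z "$ref" ]; then ref=$cur; fi
        if [ "$cur" != "$ref" ]; then
            echo "$f: machineKey differs from $1" >&2; return 1
        fi
    done
    return 0
}

case "${1:-}" in
    generate) make_machine_key ;;
    check)    shift; farm_keys_match "$@" ;;
esac
```

Run it with `generate` once and paste the element into system.web of each site's web.config, then run `check` against the copies collected from web1, web2 and web3.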