From: Walker, Bruce J <bruce.walker@hp...> - 2004-07-15 14:14:50
Just to be clear, Steve Lane's message described how to set up NAT
(independent of LVS) so you could have connection setup originating from
interior nodes whose only network interface was on a "private" network
Aneesh's message described how you can now run LVS-NAT on the OpenSSI
cluster so that interior nodes on "private" network addresses can be LVS
These two capabilities are somewhat independent.
> -----Original Message-----
> From: ssic-linux-users-admin@...=20
> [mailto:ssic-linux-users-admin@...] On=20
> Behalf Of Aneesh Kumar
> Sent: Wednesday, July 14, 2004 10:00 PM
> To: Steve Lane
> Cc: ssic-linux-users@...
> Subject: Re: [SSI-users] ip connections outside the cluster
> On Wed, 14 Jul 2004 12:23:53 -0700, Steve Lane
> <drsteve@...> wrote:
> > With regard to Bruce's option "A", below, I have the=20
> following feedback
> > (we just got this working yesterday :) (this is all under=20
> Debian - YMMV)
> > - The kernel needs to support NAT (masquerading). I=20
> believe (???) the
> > default OpenSSI Debian kernel does, but we built our own kernel,
> > so if you do that just make sure the NAT stuff is enabled.
> > - We installed the iptables package to do NAT. (As part of this
> > package?) there is a file, /etc/init.d/iptables, which refers to
> > /etc/defaults/iptables, which has some documentation in it to the
> > effect that you shouldn't (or can't) use these init files=20
> to configure
> > or run iptables, so we rolled our own:
> I have checked in fixes to enable the NAT support automatically with=20
> OpenSSI in the development branch. As of now failover is not
> supported. So you can't have two director node. What you will have to
> do is
> With debian :-
> 1) edit /etc/default/lvs_routing=20
> LVS_INTERNAL_GW=3D<your cluster interconnect IP for node having =
> network card >
> Now just start the ha-lvs service ( reboot the cluster ). That's it.
> you have all those ports registered via /cluster/etc/ha-lvs now load
> balanced .
> NOTE we don't have failover support yet.=20
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> Ssic-linux-users mailing list