thanks Mack & Sameer, I was starting to think LVS-NAT was the route to go. Mack, I setup a vmware demo of what I wanted, and things worked fine: well except that the IP's were different, and that the web servers were connected via vpn. So, Sameer: yea it makes sense about the rewrites... SO, NAT is what i'll try, BUT, you did indicate tunnel.
And well here's the thing, I'm really interested in LVS-TUN, but, I might have a problem with the web servers sending data directly TO the client. Doing it this way, exposes the webservers location. I have a firewall setup specifically for this reason: site-to-site VPN connection to 2 web servers at 2 geographically different locations. My understanding is that ip tunneling will be private, BUT, the data that leaves the web servers don't go back to the Load Balancer as the GW, but to the client.. which is what I can't have. I hope this makes sense? btw, what is: "DIP" for LVS-NAT, and ingress filtering? I made sure, that iptables were turned off... Thanks so much for your help. will On Dec 29, 2007 8:36 AM, Joseph Mack NA3T <[EMAIL PROTECTED]> wrote: > On Fri, 28 Dec 2007, William Ottley wrote: > > > Hey Joseph, thanks for responding. I have a strong suspicion, that it > > has to do with VPN. See, if you notice the real servers are on a > > different network, which is .3.10 and .4.10 These are reachable via a > > won't work for LVS-DR > > > site-to-site vpn connection. > > > Now I use the howto at: > > > > http://www.austintek.com/LVS/LVS-HOWTO/mini-HOWTO/LVS-mini-HOWTO.html > > (5. Example: Setup LVS using LVS-DR forwarding) > > > > and well it tells me to make sure the gw for the realservers are > > pointing to the LVS VIP, > > > > DIP for LVS-NAT, router for LVS-DR > > > > which in my case is 192.168.2.100, but i > > can't do that, since the real server's GW is pointing to another > > firewall, which creates the VPN... > > > > I'm sooo confused as to what process to use > > > > See, we need to "hide" all of the webservers from the internet > > Try a setup from the HOWTO on the bench, then when it works > modify the setup for your situation > > JOe > > -- > > Joseph Mack NA3T EME(B,D), FM05lw North Carolina > jmack (at) wm7d (dot) net - azimuthal equidistant map > generator at http://www.wm7d.net/azproj.shtml > Homepage http://www.austintek.com/ It's GNU/Linux! > > _______________________________________________ > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [EMAIL PROTECTED] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > -- --------------- Morpheus: After this, there is no turning back. You take the blue pill - the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill - you stay in Wonderland and I show you how deep the rabbit-hole goes. _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
