On Fri, 2008-03-07 at 12:20 +0530, hirantha wrote: > Basically I don't administrate the firewalls, routers on the realserver > resides ISP. I think this is obvious -- > most of people doesn't have network control on the ISP. But I can tell them > the situation. I would like to know what > would be on firewalls and routers to be eligible to establish lvs-tun. What > should I tell them..?
The people administering the networks that the realservers live on need to allow egress (outbound) traffic from the VIP for LVS-TUN to work. Using TUN, the realservers reply directly to the clients: http://www.linuxvirtualserver.org/VS-IPTunneling.html If you have realservers on networks controlled by different providers, they probably won't advertise the VIP to their peers or permit traffic from the VIP to leave their network, especially if their upstreams apply filters to the announcements they receive. It would be seen as a form of spoofing. You can ask them to, but I suspect the answer will be no. Graeme _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
