Hi All, We have been experiencing D/Dos on http. The LVS is uneffected by the D/Dos but the real servers are suffering. Beside the D/Dos the LVS is currently handling 5 subdomains and approximately 10QPS.
We are using LVS-Tun configuration. Due to our distributed setup and service provider limitation we can't put a perimeter firewall so we are thinking of stopping them at or before the LVS. At the director I have tuned the route flush and route garbage collection variables but that is all I could figure out.After reading the howto and the mailing list I have concluded that it is possible to use iptalbles with LVS-DR and LVS-NAT. Is it advisable to put iptables on the director in a LVS-TUN setup? Unrelated question: Anybody using a opensource firewall Iptables/pf in production for 100M connection? Sameer _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
