> You would probably want direct routing. "Direct" means on the same network > as the director, and able to use the same gateway to the outside world. Yes, it's how I've got it set up. Only problem is, the web servers need to see the LVS as their gateways no? The last error I seem to have to conquer is; /// Nov 2 11:24:49 lb52 nanny[3652]: READ to 192.168.1.94:80 timed out Nov 2 11:24:52 lb52 nanny[3650]: READ to 192.168.1.92:80 timed out Nov 2 11:24:54 lb52 nanny[3651]: READ to 192.168.1.93:80 timed out /// Just seems complicated as heck. Here I have firewall's taking care of NAT. Connections come into the network as real IP's, then are sent to the various machines which are NAT'd. So, if using LVS which are NAT'd under the firewall's, there's a double weirdness there. Not just in the NAT itself but in how cache, session and other services end up acting. I could change the LVS's to real IP's still protected by the firewall's I guess. > outside client would access services by sending a packet to your firewall, > which would forward it to the director, then the director would choose an > LVS "real server" to send it to for processing, and then the real server > that got it would reply "directly" to the client without further > intervention from the director machine. Oh, I was not sure about this then. From what I've read, it seemed that the LVS remains in the path once it is used. That would be fine so guess I just need to solve this problem first. Thanks. Mike -- Linux-cluster mailing list Linux-cluster@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/linux-cluster
