HPE Community
Operating System - Linux
1836249 Members
3442 Online
110096 Solutions
New Discussion

lvs problem

 
Marco_113
Frequent Advisor

‎03-14-2005 02:35 AM

‎03-14-2005 02:35 AM

lvs problem

Hi all,

I've a question about linux virtual server.
my virtual server is on the DMZ and has only one NIC with public IP (say DIP 195.120.100.1; VIP 195.120.209.102);

My Real Servers are on another LAN say 192.168.1.0

The DMZ and the LAN are not directly connected, but are both connected to a linux firewall (with 3 interfaces);

Do you think is possible that LVS (any kind of lvs: nat or dr) works with this configuration??

0 Kudos
Reply
5 REPLIES 5
Steven E. Protter
Exalted Contributor

‎03-14-2005 03:04 AM

‎03-14-2005 03:04 AM

Re: lvs problem

If the Linux firewall is providing routing to the internal network, then the virutal server in the DMZ should be able to connect.

A lot of it depends on the firewall configuration though.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Marco_113
Frequent Advisor

‎03-14-2005 03:14 AM

‎03-14-2005 03:14 AM

Re: lvs problem

I tried also with the firewall "open"; with

iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT;

It doesn't work!!

The DMZ and the LAN can communicate trought the firewall
0 Kudos
Reply
NiCK_76
Respected Contributor

‎03-14-2005 02:38 PM

‎03-14-2005 02:38 PM

Re: lvs problem

Hi Marco,

I suggest you to test LVS without firewall or in the same subnet is preferred.
If it is works ok and it is not works via firewall, it must be firewall problem.
For now , test it in the sam subnet.

NiCK
just for fun
0 Kudos
Reply
kcpant
Trusted Contributor

‎03-14-2005 03:45 PM

‎03-14-2005 03:45 PM

Re: lvs problem

Hi Marco,

As SEP told you, there should be a routing between your DMZ & LAN to be able to connect.make appropriate rules in iptables and sysctl.conf file for routing.
PreSales Specialist
0 Kudos
Reply
Marco_113
Frequent Advisor

‎03-14-2005 07:30 PM

‎03-14-2005 07:30 PM

Re: lvs problem

Ok,
the firewall has 3 NIC's:
one on the DMZ
one on the LAN
one on the Internet.

The LAN and the DMZ can communicate by every protocol and port, and they do it.

I know that if i change, and i put the Virtual Servers directly connected on the same Network of Real Servers it works.

But my question is exactly this, can i configure lvs having Virtual servers and Real servers not directly connected on the same network??
Thanks
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.