Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Linux Virtual Server>
  3. Users
[lvs-users] Disable persistent connections for certain source IP
jp at galea
Jul 31, 2013, 1:58 AM
Post #1 of 3 (1364 views)
Permalink
Hi,

We are using LVS-DR with persistent connections enabled.

Our ldirectord config looks something like this;

virtual = 80
protocol = fwm
scheduler = wrr
persistent = 300
real = 192.168.1.101:80 gate 10
real = 192.168.1.102:80 gate 10

Is it possible to disable persistent connections for requests coming
from certain src IP addresses?

The reason why we want to do this, is that our web application is
available publicly (and we want persistence enabled here), but we also
have certain URLs which are used heavily by office staff (always coming
from a certain src IP) and we would like to load balance those requests,
rather then have them routed to the same real server all the time.

Is this possible or are we looking at this the wrong way? Perhaps we
need to change our infrastructure to support such a setup?

Thanks,

Jean Paul

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Re: [lvs-users] Disable persistent connections for certain source IP [ In reply to ]
david at davidcoulson
Jul 31, 2013, 4:39 AM
Post #2 of 3 (1311 views)
Permalink
On 7/31/13 4:58 AM, Jean Paul Galea wrote:
> Hi,
>
> We are using LVS-DR with persistent connections enabled.
>
> Our ldirectord config looks something like this;
>
> virtual = 80
> protocol = fwm
> scheduler = wrr
> persistent = 300
> real = 192.168.1.101:80 gate 10
> real = 192.168.1.102:80 gate 10
>
> Is it possible to disable persistent connections for requests coming
> from certain src IP addresses?
Since you are using fwm it makes this easy. Just define a second virtual
section, call it 81 or something. Duplicate what you have for 80, but
don't include the persistent parameter.

Then just use iptables to mark internal traffic to the 81 virtual
server, and everything else to the 80.

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Re: [lvs-users] Disable persistent connections for certain source IP [ In reply to ]
jp at galea
Jul 31, 2013, 4:44 AM
Post #3 of 3 (1313 views)
Permalink
On 07/31/2013 01:39 PM, David Coulson wrote:
> Since you are using fwm it makes this easy. Just define a second virtual
> section, call it 81 or something. Duplicate what you have for 80, but
> don't include the persistent parameter.
>
> Then just use iptables to mark internal traffic to the 81 virtual
> server, and everything else to the 80.

That's a really good idea. Thanks David!

Jean Paul


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal