Hello list,
Recently we modified the configuration of our lvs systems to do LVS-DR
as well as LVS-NAT. The setup works well with LVS-NAT has been working
tirelessly for a year. A new VIP was added to load-balance using LVS-NAT
with a setup something like the below diagram:
CIP --> VIP (192.168.17.44), gateway(192.168.2.1)--> RIP (192.168.2.51)
We're now seeing the martian source problem whenever CIP originates from
outside the 192.168.2.x subnet. I understand why we are getting the
error, but hoping there's a solution to getting this setup working. Is
anyone running a similar setup and has found a solution to the martian
source problem?
I have had a look at the information on the solution called "Julian's
martian modification" in section 7.5.2
(http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html#martian_modification)
but that requires a patch to the kernel and I'm hoping to avoid having
to do custom compiling a kernel.
Note: the reason we decided to go with LVS-DR is that using LVS-NAT
would leave all clients in the same subnet as the RIP (192.168.2.x)
unable to use this service since the RIP would respond back directly to
the CIP and the connection would be broken.
Thanks,
--
Khosrow
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Recently we modified the configuration of our lvs systems to do LVS-DR
as well as LVS-NAT. The setup works well with LVS-NAT has been working
tirelessly for a year. A new VIP was added to load-balance using LVS-NAT
with a setup something like the below diagram:
CIP --> VIP (192.168.17.44), gateway(192.168.2.1)--> RIP (192.168.2.51)
We're now seeing the martian source problem whenever CIP originates from
outside the 192.168.2.x subnet. I understand why we are getting the
error, but hoping there's a solution to getting this setup working. Is
anyone running a similar setup and has found a solution to the martian
source problem?
I have had a look at the information on the solution called "Julian's
martian modification" in section 7.5.2
(http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html#martian_modification)
but that requires a patch to the kernel and I'm hoping to avoid having
to do custom compiling a kernel.
Note: the reason we decided to go with LVS-DR is that using LVS-NAT
would leave all clients in the same subnet as the RIP (192.168.2.x)
unable to use this service since the RIP would respond back directly to
the CIP and the connection would be broken.
Thanks,
--
Khosrow
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users