?
Solved

Linux "remote" LVS forward to "main" LVS in front of Apache

Posted on 2014-07-15
7
Medium Priority
?
232 Views
Last Modified: 2015-01-12
I have a working 2-node LVS group using piranha in front of a 2-node Apache group.

The LVS hosts are in Direct Route mode and have a Virtual IP (VIP) which they listen on, and forwards the 2 Apache servers in round-robin (for testing - if another selection method is preferred/required, I am certainly open to that).

What I'm looking to do is put a "standalone" LVS host at a branch office, so local requests hit the branch LVS host, which has its own VIP on the local subnet (of the remote branch).  The LVS host then forwards those (thru a VPN tunnel) to the VIP of the LVS group at main location.

I have this all "working"....except I can't open a web page using the VIP at the remote location.

More info:
Main -
   LVS1 (Real IP) - 192.168.1.10
   LVS2 (RIP) - 192.168.1.11
   VIP - 192.168.1.210

   apache1 (RIP) - 192.168.1.211
   apache2 (RIP) - 192.168.1.212
   virtual-host - *:81  <-- the website is on port 81
   apache1/2 use arptables_jf and "mangle" replies as 192.168.1.10/11 (LVS1/2 RIP's)

Remote1
   LVS3 (RIP) - 10.0.100.10
   VIP - 10.0.100.210

   piranha Virtual Server has a single Real Server: 192.168.1.210 (the VIP at Main)

I see the get/expect requests from LVS3 RIP in the apache logs.  I can ping the remote-VIP (10.0.100.210) from the remote subnet.
I can't open a browser to 10.0.100.210, nor can I telnet to the remote-VIP:81

iptables have appropriate entries and SElinux is disabled.
0
Comment
Question by:snowdog_2112
  • 4
  • 3
7 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 40199517
What is the gain? Traffic on wire is same, no added availablity?
0
 

Author Comment

by:snowdog_2112
ID: 40274379
(sorry for the delay!!!  this dropped off my radar for other pressing matters.)

Gain?  I am not sure what you mean - I'm new to LVS and piranha.

With respect to "traffic on wire", I am also a little confused - which traffic on which wire?
0
 
LVL 62

Expert Comment

by:gheist
ID: 40274871
Total traffic between remote office and had application does not change at all
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:snowdog_2112
ID: 40369941
The gain has to do with tunnel availability.  Due to the network arrangement of the remote location, we do not have direct access to the firewall at the remote location which makes the lan-2-lan tunnel to the main.

There have been several cases where Internet access works at both locations, but the tunnel is broken for extended periods.

The LVS at the remote location can be used to direct traffic to the public IP of the main branch LVS, without changing the applications or DNS entries.

Does that answer the "why" question?

Thanks again!
0
 
LVL 62

Expert Comment

by:gheist
ID: 40370166
You need small bits from webserver even with all static content permanently catched (like pages linking static images)
0
 

Accepted Solution

by:
snowdog_2112 earned 0 total points
ID: 40370549
I missed an item on the configuration - though it doesn't affect the original question....

The remote LVS host will *also* have a replica of the Apache/app server in the remote branch.

You are correct - the LVS host at the remote branch *will not* be able to reach the main office.

The idea is the remote LVS host will "fail over" to its local app server.

(I plan on making the local app server "unavailable" to the LVS host if the main branch is online, so traffic should fail to the local replica *only if* the main branch is inaccessible).

So...the remote office LVS host has *TWO* RIP's behind it:
- local app server (normally "offline" as far as the LVS can tell - the test/expect will be a fail).
- main branch - this RIP is, itself another LVS host, with 2 app servers behind it.

The question remains the same, however, the remote LVS host does not hit the app server at the main branch - or see the return traffic.
0
 

Author Closing Comment

by:snowdog_2112
ID: 40543987
abandonned...no solution.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The purpose of this article is to demonstrate how we can use conditional statements using Python.
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Suggested Courses
Course of the Month14 days, 21 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question