Linux "remote" LVS forward to "main" LVS in front of Apache
Posted on 2014-07-15
I have a working 2-node LVS group using piranha in front of a 2-node Apache group.
The LVS hosts are in Direct Route mode and have a Virtual IP (VIP) which they listen on, and forward to the 2 Apache servers in round-robin (for testing - if another selection method is preferred/required, I am certainly open to that).
What I'm looking to do is put a "standalone" LVS host at a branch office, so local requests hit the branch LVS host, which has its own VIP on the local subnet (of the remote branch). The LVS host then forwards those (through a VPN tunnel) to the VIP of the LVS group at the main location.
I have this all "working"... except I can't open a web page using the VIP at the remote location.
LVS1 (Real IP) - 192.168.1.10
LVS2 (RIP) - 192.168.1.11
VIP - 192.168.1.210
apache1 (RIP) - 192.168.1.211
apache2 (RIP) - 192.168.1.212
virtual-host - *:81 <-- the website is on port 81
apache1/2 use arptables_jf and "mangle" replies as 192.168.1.10/11 (LVS1/2 RIPs)
LVS3 (RIP) - 10.0.100.10
VIP - 10.0.100.210
piranha Virtual Server has a single Real Server: 192.168.1.210 (the VIP at Main)
I see the get/expect requests from LVS3 RIP in the apache logs. I can ping the remote-VIP (10.0.100.210) from the remote subnet.
I can't open a browser to 10.0.100.210, nor can I telnet to the remote-VIP:81.
iptables have appropriate entries and SELinux is disabled.