Re: [load balancing] DSR across subnets

From: Greg Hartung <ghartung [izzat] photobucket.com>
Date: Tue Apr 17 2007 - 15:31:32 EDT

MAT - good suggestion. I think that would get pretty crazy but I'll look
into it.

And no, this doesn't have anything to do with a WAN link - it's just to load
balance some database slaves.

On 4/17/07 12:13 PM, "Tony Bourke" <tony@vegan.net> wrote:

> Hi Greg,
>
> Your analysis is spot on; I think you're pretty much out of luck. As
> you've found, MAT (MAC address translation) by nature doesn't work
> beyond a local Layer 2 segment.
>
> The only way I think it might work is if you had some crazy router MAT
> setup going, but I wouldn't begin to guess what routers would support
> that, and there could be gotchas beyond that. And the router on the
> server subnet might require some odd configuration in order to route
> traffic for a subnet it's not configured on.
>
> Are you wanting DSR to keep traffic from going two ways accross a WAN link?
>
> Interesting scenario though :)
>
> Tony
>
>
> Greg Hartung wrote:
>> I am trying to setup a DSR virtual with reals that are on a different
>> subnet than the Alteon 180e I am using. From what I gather from Ch.10 of
>> the App Guide, the health checks and traffic are forwarded to the IP address
>> of the virt that should be configured on the server as a loopback. This
>> forwarding is done by using the MAC address learned from the real, therefore
>> making it impossible (?) to send these to a server whose RIP is not on a
>> directly connected network.
>>
>> To confirm this, I added the Alteon to the same subnet as the server and
>> /stat/slb/virt immediately recovers. It also recovers if I remove "nonat
>> ena" from the virtual. This was just a test though, since the production
>> servers I am trying to use are in 2 different sites. I don't think it's
>> unreasonable for me to be trying to do this, since they are connected via a
>> short, high-speed metro-E but I REALLY don't want to trunk VLANs across
>> sites.
>>
>> Is there any way to get around this?
>>
>> Ideas I've had and eliminated so far:
>>
>> I think that since *both* the health check and traffic use the MAC address
>> same method, I am guessing that changing the health check type will not fix
>> anything.
>>
>> Using proxy addresses - This is only useful in getting return traffic
>> back to the load balancer from different subnets and shouldn't help in
>> getting traffic *to* a virt on a different subnet.
>>
>> Any help or ideas would be greatly appreciated.
>>
>> Thanks!
>> Greg
>>
>> _______________________________________________
>> lb-l mailing list
>> lb-l@vegan.net
>> http://vegan.net/mailman/listinfo/lb-l
>> Searchable Archive: http://vegan.net/lb/archive
>> http://lbdigest.com Load Balancing Digest
>>
>
> _______________________________________________
> lb-l mailing list
> lb-l@vegan.net
> http://vegan.net/mailman/listinfo/lb-l
> Searchable Archive: http://vegan.net/lb/archive
> http://lbdigest.com Load Balancing Digest

_______________________________________________
lb-l mailing list
lb-l@vegan.net
http://vegan.net/mailman/listinfo/lb-l
Searchable Archive: http://vegan.net/lb/archive
http://lbdigest.com Load Balancing Digest
Received on Tue Apr 17 15:32:01 2007

This archive was generated by hypermail 2.1.8 : Tue Apr 17 2007 - 15:32:01 EDT