
Is it possible to configure an LVS (keepalived) loadbalancer with direct server return (DSR) for a 2-leg network setup?

The desired architecture is as follows: a MariaDB Galera cluster, where each node has 4 NICs. The networks attached are C, B, R and M. There are also 2 loadbalancer nodes with 3 NICs attached to the C, B and M networks. All are RHEL7 systems. The networks M and R are not important for the discussion; they will be used for management and data replication respectively.

What I would like to achieve is to have requests come from network C to the virtual IP on the active loadbalancer and go to the DB cluster through network B. Then a DB node would respond directly to the calling client on network C.

Network diagram (for simplicity one client, LB and server):

                   ----------
                   | Client |
                   ----------
                       | *.3.50
                       |
                       v
net C ====================================== 
             ^ LB VIP=*.3.1      ^
             |                   |
             | *.3.20            | *.3.200
         ----------       ---------------
         |   LB   |       | Real server |
         ----------       ---------------
             | *.4.10            | *.4.200
             |                   |
             v                   v
net B ======================================

When I set real server IPs from network C in the keepalived configuration it seems to work, but it stops working when I change them to network B IPs.

faraway
  • So, the networks are all of the same type, I assume? Do the machines in net C have routes for net B? I'm guessing the B network servers have a single default route(r) which knows how to get to net C, but the default route for C doesn't know about net B.. – NickW Jan 05 '15 at 11:36
  • The networks C and B are of the same type. I have not configured any routes on any network, but I guess there's indeed a need for a route from B to C... In this case do I have to create an additional VIP for the loadbalancers on network B? – faraway Jan 05 '15 at 12:07
  • I wouldn't think so, I'm just not sure why you'd want the clients in net C to connect to net B, what about clients in net C to net C VIP addresses isn't ideal? – NickW Jan 05 '15 at 12:26
  • No, the clients in net C connect to net C VIP. As stated in the question I'd like those requests to be forwarded to one of the real servers on net B and this real server then would respond directly to the client on net C as it has one leg connected to it. I wonder if it's possible. – faraway Jan 05 '15 at 13:12
  • As far as I know it is possible, and sometimes referred to as Direct Routing (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Load_Balancer_Administration/s1-lvs-routing-VSA.html#s2-lvs-directrouting-VSA) – NickW Jan 05 '15 at 14:02
  • I used this link before and could only configure LB for one network setup (C only). When I change real server addresses to be on net B it stops working. – faraway Jan 05 '15 at 15:34
  • Yeah, I have the feeling that all of the machines (LB and real servers) need to be on the same network segment, otherwise ARP wouldn't be an issue (and it wouldn't be mentioned on the page). If you want to move the LB and real servers to net B, make sure net C clients know how to get there :) – NickW Jan 05 '15 at 15:43
  • I added a network diagram to clarify the question. – faraway Jan 05 '15 at 16:05
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/19997/discussion-between-nickw-and-faraway). – NickW Jan 05 '15 at 16:08

0 Answers