Installation guide

Chapter 9. Setting Up a Red Hat Enterprise Linux LVS Cluster
Checking the Status of Network Interfaces
If you need to check which network interfaces are up at any given time, type the
following:
/sbin/ifconfig
To view the routing table for a machine, issue the following command:
/sbin/route
9.3. Multi-port Services and LVS Clustering
LVS routers under any topology require extra configuration when creating multi-port LVS
services. Multi-port services can be created artificially by using firewall marks to bundle
together different, but related protocols, such as HTTP (port 80) and HTTPS (port
443), or when LVS is used to cluster true multi-port protocols, such as FTP. In either case,
the LVS router uses firewall marks to recognize that packets destined for different ports,
but bearing the same firewall mark, should be handled identically. Also, when combined
with persistence, firewall marks ensure connections from the client machine are routed
to the same host, as long as the connections occur within the length of time specified
by the persistence parameter. For more on assigning persistence to a virtual server, see
Section 10.6.1 The VIRTUAL SERVER Subsection.
Unfortunately, the mechanism used to balance the loads on the real servers (IPVS)
can recognize the firewall marks assigned to a packet, but cannot itself assign firewall
marks. The job of assigning firewall marks must be performed by the network packet filter,
iptables, outside of Piranha Configuration Tool.
9.3.1. Assigning Firewall Marks
To assign firewall marks to a packet destined for a particular port, the administrator must
use iptables.
This section illustrates how to bundle HTTP and HTTPS as an example; however, FTP is
another commonly clustered multi-port protocol. If an LVS cluster is used for FTP services,
see Section 9.4 FTP In an LVS Cluster for details on how to best configure the cluster.
The basic rule to remember when using firewall marks is that for every protocol using a
firewall mark in Piranha Configuration Tool there must be a commensurate iptables
rule to assign marks to the network packets.
Before creating network packet filter rules, make sure there are no rules already in place.
To do this, open a shell prompt, log in as root, and type:
/sbin/service iptables status
If iptables is not running, the prompt will instantly reappear.
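
The basic rule above (a matching iptables rule for every port bundled under a firewall mark) can be checked mechanically against saved rules. The following shell function is an added example, not part of the original guide. The function names, the virtual IP 192.0.2.10, mark 80 and the sample ruleset are constructed for illustration, and it assumes the marks are set in the mangle table's PREROUTING chain.

```sh
# Added example (not from the guide). missing_mark_ports VIP MARK PORT...
# reads `iptables-save` text on stdin and prints every PORT that has no mangle
# PREROUTING rule marking TCP traffic to VIP with MARK; exit status 1 if any is missing.
missing_mark_ports() {
    vip=$1; mark=$2; shift 2
    awk -v vip="$vip" -v mark="$mark" -v ports="$*" '
    function val(flag,   i) {          # argument that follows flag on this rule
        for (i = 1; i < NF; i++) if ($i == flag) return $(i + 1)
        return ""
    }
    function num(s,   n, i) {          # "80", "0x50" or "0x50/mask" -> 80
        sub(/\/.*/, "", s)
        if (s !~ /^0[xX]/) return s + 0
        s = tolower(substr(s, 3)); n = 0
        for (i = 1; i <= length(s); i++)
            n = n * 16 + index("0123456789abcdef", substr(s, i, 1)) - 1
        return n
    }
    /^\*/ { table = substr($0, 2) }    # "*mangle", "*filter", ...
    table == "mangle" && $2 == "PREROUTING" && val("-j") == "MARK" && val("-p") == "tcp" {
        d = val("-d"); sub(/\/32$/, "", d)
        m = val("--set-mark")
        if (m == "") {                 # newer iptables-save prints --set-xmark V/0xffffffff
            m = val("--set-xmark")
            if (m !~ /\/0xffffffff$/) next
        }
        if (d != vip || num(m) != mark + 0) next
        n = split(val("--dport") "," val("--dports"), p, ",")   # port ranges not handled
        for (i = 1; i <= n; i++) seen[p[i]] = 1
    }
    END {
        bad = 0; n = split(ports, want, " ")
        for (i = 1; i <= n; i++) if (!(want[i] in seen)) { print want[i]; bad = 1 }
        exit bad
    }'
}

# Constructed sample: HTTP is marked 80, but HTTPS was given mark 81 by mistake.
sample_ruleset() {
    cat <<'EOF'
*mangle
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j MARK --set-xmark 0x50/0xffffffff
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 443 -j MARK --set-xmark 0x51/0xffffffff
COMMIT
EOF
}

sample_ruleset | missing_mark_ports 192.0.2.10 80 80 443 ||
    echo "the ports listed above are not covered by firewall mark 80"
```

On a live LVS router the input would come from /sbin/iptables-save run as root instead of the constructed sample.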