Installation guide
Order deny,allow
Deny from all
Allow from 127.0.0.1
You can also allow specific hosts or subnets as seen in this example:
Order deny,allow
Deny from all
Allow from 192.168.1.100
Allow from 172.16.57
In this example, only Web browsers from the machine with the IP address of 192.168.1.100 and
machines on the 172.16.57/24 network can access the Piranha Configurat ion Tool.
Warning
Editing the Piranha Configuration Tool.htaccess file limits access to the configuration
pages in the /etc/sysconfig/ha/web/secure/ directory but not to the login and the help
pages in /etc/sysconfig/ha/web/. T o limit access to this directory, create a .htaccess file
in the /etc/sysconfig/ha/web/ directory with order, allow, and deny lines identical to
/etc/sysconfig/ha/web/secure/.htaccess.
2.5. Turning on Packet Forwarding
In order for the LVS router to forward network packets properly to the real servers, each LVS router node
must have IP forwarding turned on in the kernel. Log in as root and change the line which reads
net.ipv4 .ip_forward = 0 in /etc/sysctl.conf to the following:
net.ipv4.ip_forward = 1
The changes take effect when you reboot the system.
To check if IP forwarding is turned on, issue the following command as root:
/sbin/sysctl net.ipv4 .ip_forward
If the above command returns a 1, then IP forwarding is enabled. If it returns a 0, then you can turn it on
manually using the following command:
/sbin/sysctl -w net.ipv4.ip_forward=1
2.6. Configuring Services on the Real Servers
If the real servers are Red Hat Enterprise Linux systems, set the appropriate server daemons to activate
at boot time. These daemons can include httpd for Web services or xinetd for FTP or T elnet
services.
It may also be useful to access the real servers remotely, so the sshd daemon should also be installed
and running.
Chapter 2. Initial LVS Configuration
23