Figure 7-3 illustrates an LVS cluster utilizing NAT routing to move
requests between the Internet and a private network.
In the example, there are two NICs in the active LVS router. The
NIC for the Internet has a real IP address
on eth0 and has a floating IP address aliased to eth0:1. The NIC
for the private network interface has a real IP address on eth1 and
has a floating IP address aliased to eth1:1. In the event of
failover, the virtual interface facing the Internet and the virtual
interface facing the private network are taken over by the backup
LVS router simultaneously. All of the cluster's real servers located
on the private network use the floating IP for the NAT router as their
default route to communicate with the active LVS router so that
their ability to respond to requests from the Internet is not
impaired.
In this example, the LVS router's public LVS floating IP address
and private NAT floating IP address are aliased to two physical
NICs. While it is possible to associate each floating IP address to
its own physical device on the LVS router nodes, having more than
two NICs is not a requirement.
Using this topology, the active LVS router receives the
request and routes it to the appropriate server. The real server
then processes the request and returns the packets to the LVS
router, which uses network address translation to replace the
address of the real server in the packets with the LVS router's
public VIP address. This process is called IP
masquerading because the actual IP addresses of the real
servers are hidden from the requesting clients.
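
The address rewriting described above can be traced with a small model. This is an added example, not code from the LVS project: the addresses are constructed, the class and function names are hypothetical, and round-robin scheduling is an assumption. It shows that the client sees the public VIP only when the real server's default route is the NAT floating IP, so the reply passes back through the active LVS router.

```python
from dataclasses import dataclass, replace
from itertools import cycle

VIP = "203.0.113.10"                         # public floating IP on eth0:1 (constructed)
NAT_GW = "10.11.12.10"                       # private NAT floating IP on eth1:1 (constructed)
REAL_SERVERS = ["10.11.12.1", "10.11.12.2"]  # real servers on the private network (constructed)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class LvsRouter:
    def __init__(self, vip, real_servers):
        self.vip = vip
        self._next = cycle(real_servers)     # round-robin scheduling (assumption)
        self.conns = {}                      # (client, client port, VIP port) -> real server

    def inbound(self, pkt):
        """Client -> VIP: rewrite the destination to the chosen real server."""
        if pkt.dst != self.vip:
            raise ValueError("packet is not addressed to the VIP")
        key = (pkt.src, pkt.sport, pkt.dport)
        if key not in self.conns:            # new connection: schedule a real server
            self.conns[key] = next(self._next)
        return replace(pkt, dst=self.conns[key])

    def outbound(self, pkt):
        """Real server -> client: replace the real server's source address with the VIP."""
        key = (pkt.dst, pkt.dport, pkt.sport)
        if self.conns.get(key) != pkt.src:
            raise ValueError("no matching connection entry")
        return replace(pkt, src=self.vip)

def reply_seen_by_client(router, request, default_route):
    """Return the source address the client sees on the reply to `request`."""
    to_server = router.inbound(request)
    reply = Packet(to_server.dst, to_server.dport, to_server.src, to_server.sport)
    if default_route == NAT_GW:              # reply returns through the active LVS router
        reply = router.outbound(reply)
    return reply.src                         # any other route skips the translation
```

With any default route other than the NAT floating IP, the reply carries the real server's private address, which does not match the address the client connected to.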
Using this NAT routing, the real servers may be any kind of
machine running various operating systems. The main disadvantage is
that the LVS router may become a bottleneck in large cluster
deployments because it must process outgoing as well as incoming
requests.