Figure 7-3 illustrates an LVS cluster utilizing NAT
routing to move requests between the Internet and a private
network.
In the example, there are two NICs in the active LVS router. The NIC
for the Internet has a real IP address on eth0
and has a floating IP address aliased to eth0:1. The NIC for the
private network interface has a real IP address on eth1 and has a
floating IP address aliased to eth1:1. In the event of failover, the
virtual interface facing the Internet and the private-facing virtual
interface are taken over by the backup LVS router simultaneously. All
of the cluster's real servers located on the private network use the
floating IP for the NAT router as their default route to communicate
with the active LVS router so that their ability to respond to
requests from the Internet is not impaired.
In this example, the LVS router's public LVS floating IP address and
private NAT floating IP address are aliased to two physical
NICs. While it is possible to associate each floating IP address with
its own physical device on the LVS router nodes, having more than two
NICs is not a requirement.
Using this topology, the active LVS router receives the request and
routes it to the appropriate server. The real server then processes
the request and returns the packets to the LVS router, which uses
network address translation to replace the address of the real server
in the packets with the LVS router's public VIP address. This process
is called IP masquerading because the actual IP
addresses of the real servers are hidden from the requesting clients.
Using this NAT routing, the real servers may be any kind of machine
running various operating systems. The main disadvantage is that the
LVS router may become a bottleneck in large cluster deployments
because it must process outgoing as well as incoming requests.
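
The following sketch is an added example, not part of the original documentation. It models the request and reply rewriting described above and shows why each real server's default route must be the NAT floating IP. All addresses, the round-robin choice of real server, and the function and class names are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed addresses for illustration; none come from the original page.
VIP = "192.0.2.10"        # public LVS floating IP (eth0:1 on the router)
NAT_GW = "10.11.12.10"    # private NAT floating IP (eth1:1 on the router)
REAL_SERVERS = ["10.11.12.1", "10.11.12.2"]

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class LvsNatRouter:
    """Toy model of the active router's connection table (round-robin assumed)."""
    def __init__(self, vip, real_servers):
        self.vip, self.real_servers = vip, real_servers
        self.conns = {}   # (client ip, client port, service port) -> real server
        self._next = 0

    def inbound(self, pkt):
        # Request to the VIP: choose a real server and rewrite the destination.
        if pkt.dst != self.vip:
            raise ValueError("packet is not addressed to the virtual service")
        key = (pkt.src, pkt.sport, pkt.dport)
        if key not in self.conns:
            self.conns[key] = self.real_servers[self._next % len(self.real_servers)]
            self._next += 1
        return Packet(pkt.src, pkt.sport, self.conns[key], pkt.dport)

    def outbound(self, pkt):
        # Reply from a real server: masquerade the source as the VIP, but only
        # for a connection this router created.
        if self.conns.get((pkt.dst, pkt.dport, pkt.sport)) != pkt.src:
            return None
        return Packet(self.vip, pkt.sport, pkt.dst, pkt.dport)

def reply_seen_by_client(router, request, real_server_default_route):
    """Reply the client receives, given the real server's default route."""
    fwd = router.inbound(request)
    reply = Packet(fwd.dst, fwd.dport, fwd.src, fwd.sport)
    if real_server_default_route == NAT_GW:
        return router.outbound(reply)   # passes back through the LVS router
    return reply                        # bypasses it: private source address leaks

def client_accepts(request, reply):
    # A client only matches a reply that comes from the address it contacted.
    return reply is not None and (reply.src, reply.sport) == (request.dst, request.dport)
```

With the default route set to the NAT floating IP, the client sees a reply from the VIP. With any other gateway, the reply carries the real server's private address and the client cannot match it to its connection.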