[f-nsp] ServerIron config question - can this be done?

Clifton Royston cliftonr at lava.net
Wed Jan 22 16:14:27 EST 2003


On Wed, Jan 22, 2003 at 11:38:35AM -0800, Brent Van Dussen wrote:
> You'll need to keep the serveriron and the customers webservers in the same 
> L2 domain.  If the webservers and the serveriron are all part of the same 
> customer installation I don't see why it has to be separated out into VLAN's.

  Thanks for the quick response!

  The ServerIrons are not dedicated to this customer; the customer's
virtual server will be "sharing time" on a ServerIron we also use for
in-house load-balanced virtual servers.  Ultimately other customers
might end up in a similar configuration, and we prefer to map our colo
customers into separate L2 domains.

  Is the point of having them in the same L2 domain that the ServerIron
can see ARPs for the servers directly?

> DSR will do everything else that you need it to, just remember that you'll 
> have to configure Loopbacks on each of the real servers.
> 
> If the real servers are in a different subnet than the serveriron you can 
> use the source-ip or just put both subnets on the upstream L3 device and 
> the serveriron will route health checks up to the router and back down to 
> the real servers.

  Sorry, you lost me here.

  Are you talking about just adding the "server source-ip
[IP-in-their-netblock]" globally, with a usual "server real foo"
definition, and "port http dsr" on the virtual server, and that that
should do it all?  I've never tried this particular permutation, but if
it should work, I'll give it a shot!

  -- Clifton

-- 
     Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava.net

  "If you ride fast enough, the Specialist can't catch you."
  "What's the Specialist?" Samantha says. 
  "The Specialist wears a hat," says the babysitter. "The hat makes noises."
  She doesn't say anything else.  
                      Kelly Link, _The Specialist's Hat_


More information about the foundry-nsp mailing list