The DSR/DR is the preferred Load-Balancing method for larger installations. When this method is used, each Server is configured to have the VIP (Virtual IP) shared addresses as its local IP addresses. This allows each Server to receive all packets directed to the VIP addresses, and to send responses directly to the clients using the VIP as the "source" address. The servers should not respond to the arp requests for these VIP addresses. Instead the load balancer responds to these requests, and thus all incoming packets directed to the VIP addresses are delivered to the load balancer, which redirects them to Servers. When redirecting these incoming packets, the load balancer sends them directly to the Server MAC address, without changing the packet destination address, that remains the VIP address.
Note: Because MAC addresses are used to redirect incoming packets, the Load Balancer and all balanced Servers (usually - CommuniGate Pro Cluster frontends) must be connected to the same network segment; there should be no router between the Load Balancer and those Servers.
To use the DSR method, create an "alias" for the loopback network interface on each Frontend Server. While the standard address for the loopback interface is 127.0.0.1, create an alias with the VIP address and the 255.255.255.255 network mask:
ifconfig lo0:1 plumb ifconfig lo0:1 _<font color="blue">VIP</font>_ netmask 255.255.255.255 up
To make this configuration permanent, create the file /etc/hostname.lo0:1 with the VIP address in it.
To change the configuration permanently, add the following line to the /etc/rc.conf file:
ifconfig_lo0_alias0="inet VIP netmask 255.255.255.255"
ifconfig lo:0 VIP netmask 255.255.255.255 up
ip address add VIP/32 dev lo
To make this configuration permanent, create the file /etc/sysconfig/network-scripts/ifcfg-lo:0:
DEVICE=lo IPADDR=VIP NETMASK=255.255.255.255 ONBOOT=yes
Make sure that the kernel is configured to avoid ARP advertising for this lo interface (so the VIP address is not linked to any Frontend server in arp-tables). Subject to the Linux kernel version, the following commands should be added to the /etc/sysctl.conf file:
# ARP: reply only if the target IP address is # a local address configured on the incoming interface net.ipv4.conf.all.arp_ignore = 1 # # When an arp request is received on eth0, only respond # if that address is configured on eth0. net.ipv4.conf.eth0.arp_ignore = 1 # # Enable configuration of arp_announce option net.ipv4.conf.all.arp_announce = 2 # When making an ARP request sent through eth0, always use an address # that is configured on eth0 as the source address of the ARP request. net.ipv4.conf.eth0.arp_announce = 2 # # Repeat for eth1, eth2 (if exist) #net.ipv4.conf.eth1.arp_ignore = 1 #net.ipv4.conf.eth1.arp_announce = 2 #net.ipv4.conf.eth2.arp_ignore = 1 #net.ipv4.conf.eth2.arp_announce = 2
If you plan to have many VIPs, or if you plan to use CommuniGate Pro Load Balancing with the Linux built-in ipvs load balancer, do not create /etc/sysconfig/network-scripts/ifcfg-lo:n files. Create the /etc/sysconfig/vipaddrs configuration file instead, and put all VIP addresses into it, as addresses, or subnetworks, one address per line. For example:
# single addresses 126.96.36.199 188.8.131.52 # a subnetwork 184.108.40.206/29
Note: line sta