Public IP on loop back interface

Mike Kallies mike.kallies-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Apr 17 11:20:19 UTC 2012


On 16/04/2012 10:24 PM, James Knott wrote:
> Mike Kallies wrote:
>> You add the shared IP to the loopback.  Then when a frame hits your
>> server with the destination IP address, the packet happily goes up the
>> stack.  The reply packet goes out the normal route because it doesn't
>> care about the source mac.
> 
> That would apply only for traffic within the local LAN, as MAC addresses
> don't make it through routers.  Also, unless the NIC is in promiscuous
> mode, that computer shouldn't even see a frame that doesn't have its
> MAC as the destination, other than broadcasts.


That's the point though.  The load balancer uses the MAC to select the
node which will respond.  It's a slick system.  Imagine a couple dozen
Apache servers behind a load balancer.  The load balancer has all the
MACs in a table, then selects the node which will respond by directing
traffic to the target MAC.

The source and target IP address are preserved and the reply packet
doesn't go back through the load balancer.  This asymmetric path is
especially nice for something like http, where most often the request is
a tiny fraction of the size of the reply.  The logs are also clean with
no reverse proxy or NAT appearing in them.

I've set this system up, but I'm not aware of FOSS implementations.

Point is, it's one situation where you'd put the IP on the loopback :-)

-Mike
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
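
The frame path described in the message above, as an added example that is not part of the original post: a small Python model of a load balancer that rewrites only the destination MAC, and of servers that accept the packet only when the shared IP is a local (loopback) address. All addresses, MACs, class names and the round-robin selection are constructed assumptions.

```python
from dataclasses import dataclass, replace
from itertools import cycle

VIP = "203.0.113.10"               # constructed shared public IP
LB_MAC = "02:00:00:00:00:01"       # constructed MACs (locally administered)
GATEWAY_MAC = "02:00:00:00:00:fe"

@dataclass(frozen=True)
class Frame:
    dst_mac: str
    src_ip: str
    dst_ip: str
    payload: str

class Server:
    def __init__(self, mac, nic_ip, loopback_ips=()):
        self.mac = mac
        self.local_ips = {nic_ip, *loopback_ips}

    def receive(self, frame):
        if frame.dst_mac != self.mac:           # NIC is not promiscuous
            return None
        if frame.dst_ip not in self.local_ips:  # not a local address: not delivered
            return None
        # Reply keeps the VIP as source and leaves by the normal route.
        return Frame(GATEWAY_MAC, frame.dst_ip, frame.src_ip,
                     "reply to " + frame.payload)

class LoadBalancer:
    def __init__(self, servers):
        self.by_mac = {s.mac: s for s in servers}   # the MAC table
        self._pick = cycle(self.by_mac)             # round-robin is an assumption

    def forward(self, frame):
        # Rewrite only the destination MAC; both IP addresses are preserved.
        out = replace(frame, dst_mac=next(self._pick))
        return out, self.by_mac[out.dst_mac].receive(out)

def demo():
    good = [Server(f"02:00:00:00:00:1{i}", f"10.0.0.1{i}", [VIP]) for i in range(2)]
    bad = Server("02:00:00:00:00:20", "10.0.0.20")   # VIP missing from loopback
    lb = LoadBalancer(good + [bad])
    request = Frame(LB_MAC, "198.51.100.7", VIP, "GET /")
    return [lb.forward(request) for _ in range(3)]

if __name__ == "__main__":
    for forwarded, reply in demo():
        print(forwarded.dst_mac, "->", reply)
```

The third node in `demo()` has no loopback entry for the shared IP, so the forwarded frame reaches its NIC but produces no reply.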