[pptp-server] PPTP & LVS

Kenneth E. Lussier klussier at mclinux.com
Thu Jul 27 14:28:48 CDT 2000 

The short and simple answer is that yes, you can do the load balencing
with either LVS or "round-robin" DNS scheme. However, before I go into a
detailed explaination, I want to be up front about the fact that I work
for Mission Critical Linux, which developed the Kimberlite clustering
software. I'm a sysadmin, so I'm not involved with sales, marketing,
etc. I do have a bias toward our software because I think it's cool
technology, not because I get payed to say it is ;-) So, now on to the
long, involved answer:

The problem that you run into when you implement only a load balancing
solution is the handling of dead nodes. With RR-DNS, the DNS server will
send traffic to a specific set of machines. If one of those machines
dies, the DNS server will still direct traffic to it, wait for a
timeout, then fail to the next. LVS is a little smarter, and it can
detect a dead node and remove it from it's load map. The problem there
is that the dead node can come back to life and think it is still in the
loop and muck everything up. Either one of these solutions can have
serious implications in an enterprise-level envirionment. If you are
planning on doing this for a large company, and the servers need to be
highly available, I really recommend a clustered solution. With a
cluster, you have two (or more boxes), and if one of them dies, the
other assumes it's identity through gratuitios ARP. With the Kimberlite
package, the one that takes over shoots the other box in the head, so to
speak, so that it can't come back to life unexpectedly and muck
everything up. So, if you implement a clustered solution, the system (in
theory) can never go down. Now, if you put an LVS director in front of
this, you could have several two-node clusters to spread out the work.
To the outside world, there is one IP address, but the reality is
several different machines sharing the load, and a perfect HA solution.
However, I seriously recommend a clustered LVS director, since it will
be taking all of the hits, and if *IT* goes down, your screwed ;-)

Just my $.02,
Kenny

-- 
Kenny Lussier
Systems Administrator
Mission Critical Linux
***********************************************************
Life is a lesson, you learn it at the end
Reality has become increasingly less accurate
***********************************************************

"Ronnie F. Moller, Jr." wrote:
> 
> Keith:
> 
> The most important need is load balancing. Do you feel that this package
> will work with the PoPToP, and provide a better solution than the DNS
> approach?
> 
> -Ronnie
> 
> -----Original Message-----
> From: root at chmls05.mediaone.net [mailto:root at chmls05.mediaone.net]On
> Behalf Of Kenneth E. Lussier
> Sent: Wednesday, July 26, 2000 5:53 PM
> To: Ronnie F. Moller, Jr.
> Cc: pptp-server at lists.schulte.org
> Subject: Re: [pptp-server] PPTP & LVS
> 
> I think that you may want to define your needs a little more
> clearly. High Availability and Load Balancing aren't really the
> same thing. For an HA environment, you should look more toward
> clustering. Load Balancing will only address your second need,
> load/stress reduction of the system. In either event, I highly
> reccommend that you take a look at the Kimberlite project @
> http://oss.missioncriticallinux.com . It is open-sourced
> clustering technology that can be used in an LVS environment, but
> doesn't have to be. One thing to keep in mind is that you will
> need need the ipmasqadmin package in order to forward the
> connections and tunnels from the LVS front-end to the actual pptp
> servers.
> 
> FYI,
> Kenny
> "Ronnie F. Moller, Jr." wrote:
> >
> > Has anyone configured a Load Balancing linux server ( Piranaha? ) with
> > multiple PPTP servers behind it? Reading the archives it appears that if I
> > configure LVS for port 1723, then the LVS should work without a problem. I
> > am interested if this has been done?
> >
> > I have two objectives. The first is High availablity, and the second is to
> > take the stress of 200+ individual connections off of a single machine.
> >
> > Any thoughts and/or ideas would be greatly appreciated.
> > THanks
> > Ronnie Moller
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > List services provided by www.schulteconsulting.com!
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulteconsulting.com!

More information about the pptp-server mailing list