How Linux Virtual Server (LVS) Directs Traffic: NAT, IP Tunnel, Direct Routing Explained

LVS stands for Linux Virtual Server, the first major kernel module contributed by Chinese developers to the Linux kernel and a mainstream load‑balancing technology.

How does LVS forward user requests to application servers?

1. Network Address Translation (NAT)

When a request reaches the scheduler, it selects a real server from the pool, rewrites the packet’s destination IP address and port to that server’s, and forwards the packet. After the server processes the request, the response packet’s source address and port are rewritten back to the virtual IP before being sent to the client.

2. IP Tunnel (TUN)

The scheduler encapsulates the user request in an IP tunnel and sends it directly to a chosen server, which then replies to the client without passing through the front‑end scheduler, reducing its load. Both scheduler and target server must have the tunnel protocol configured; the scheduler wraps the IP packet, the server unwraps it and processes the original payload.

For example, with a tunnel set up between hosts A and B, packets travel through the predefined tunnel path rather than the normal routing path.

3. Direct Routing (DR)

By rewriting the request packet’s MAC address, the scheduler sends the packet directly to the target server, and the server replies directly to the client. This method avoids IP encapsulation and scheduler‑mediated return traffic, offering the best performance among the three, but requires the scheduler and real servers to reside on the same physical network segment.

Images illustrating each method are omitted here for brevity.