|
We're trying to configure our network to use LVS-DR but we're having
problems.
According to our TCP dumps it appears that our ACK responses to the initial
SYN packet are being blocked by the LVS server. This happens even when
there are no ipchains rules installed. We can see the SYN packet being
received on the real server and a TCP dump shows the ACK being transmitted,
but on the external side of the LVS server the ACK doesn't appear.
Connections directly to the RIPs work perfectly.
I'd gratefully appreciate any hints on how to prevent this!
Our config:
LVS: 0.9.7 + 2.2.13
ipvsadm -A -t 195.72.163.65:80 -p 600 -s wlc
ipvsadm -a -t 195.72.163.65:80 -R 195.72.163.34 -g
ipvsadm -a -t 195.72.163.65:80 -R 195.72.163.35 -g
The VIP address 195.72.163.65 is configured on a loopback alias on both the
LVS server and the real machines. The LVS VIP is advertised by OSPF on the
external LAN, and is in a different subnet to the RIPs (195.72.163.32/27).
thanks,
Ray.
--
Ray Bellis, MA(Oxon) - Technical Director - community internet plc
Windsor House, 12 High Street, Kidlington, Oxford, OX5 2PJ
tel: +44 1865 856000 email: ray.bellis@xxxxxxxxxxxxxxxx
fax: +44 1865 856001 web: http://www.community.net.uk/
Ray Bellis.vcf
Description: Vcard
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|
