making apache play nice.

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	making apache play nice.
Cc:	tc lewis <tim@xxxxxxxxxx>, loul@xxxxxxxx, Mike Jurney <mikej@xxxxxxxxxx>
From:	tc lewis <tim@xxxxxxxxxx>
Date:	Thu, 13 Jan 2000 13:16:55 -0500 (EST)

ok so it's been a couple months since i've actually done any lvs
implementation stuff, so i'm a little rusty.  i did up 3 systems with
redhat 6.1, using the default rh6.1 kernel, which has lvs stuff, altho a
little outdated i believe (are there major differences/fixes since then?).
i just wanted to test some stuff.  here's what i have going:

my director machine is 206.245.168.30 (eth0).  my vip is 206.245.168.31,
which is eth0:0 on the director.  eth0:1 is 192.168.123.1 (yeah i guess i
should really put a 2nd nic in there, but it shouldn't really matter,
should it?  all these machines are on the same switch behing the same
router...).

then i have 2 real servers, with eth0 as 192.168.123.2 and 192.168.123.3
on them, respectively.

i just set this up with nat and masquerading for the time being.  i'll
probably use a direct routing method if i were to actually put something
like this in production.  but here's what i have:

on the director:
[root@jammer /root]# /sbin/ipvsadm
IP Virtual Server version 0.8.3 (size=4096)
Protocol LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port    Forward Weight ActiveConn InActConn
TCP 206.245.168.31:80 rr
      -> 192.168.123.3:80      Masq    1      0          0
      -> 192.168.123.2:80      Masq    1      0          0         
[root@jammer /root]# /sbin/ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy DENY):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.123.0/24     anywhere              n/a
Chain output (policy ACCEPT):


on my real servers:
[root@one /root]# /sbin/ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
REDIRECT   tcp  ------  anywhere             telnet-stream.iuinc.com  any ->   
www => www
Chain forward (policy DENY):
Chain output (policy ACCEPT):

and:
[root@two /root]# /sbin/ipchains -L
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
REDIRECT   tcp  ------  anywhere             telnet-stream.iuinc.com  any ->   
www => www
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):


i'm just using round robin because i want to make sure requests hit
alternating servers for this testing.

then i have a shared apache installation setup for those "one" and "two"
machines.

now, all of this works fine.  requests do alternate, responses get sent
back perfectly, and so on.

the problem comes in with apache virtualhosts.  in this situation, my
apache config has:
NameVirtualHost 206.245.168.31:80

and then i have, as one example:
<VirtualHost w1.bungalow.intra>
User u1
Group u1
UserDir htdocs
ServerAdmin tim@xxxxxxxxxx
DocumentRoot /home/WWW/w1.bungalow.intra/htdocs
ServerName w1.bungalow.intra
ErrorLog /home/WWW/w1.bungalow.intra/logs/error_log
CustomLog /home/WWW/w1.bungalow.intra/logs/access_log combined
ScriptAlias /cgi-bin/ /home/WWW/w1.bungalow.intra/cgi-bin/
</VirtualHost>

i've got a nameserver for these machines going that resolves
w1.bungalow.intra to 206.245.168.31.

so far, so good.  right?

well, when i try to get that w1.bungalow.intra web page from the outside
world (a machine on the 205.147.201 network that i made use that same
nameserver so w1.bungalow.intra resolves to 206.245.168.31 and blah blah),
i get the default apache page.  ie: the page from the global document
root, rather than that virtual host's document root.

i know this seems more like an apache question, but i thought it might
have something to do with how lvs redirects or rewrites those packets.
ie: maybe those requests are coming in to 192.168.123.x instead of
206.245.168.31, so apache doesn't recognize to follow the virtual host
then or something...i'm not really sure.  or maybe apache isn't binding to
206.245.168.31 since it's just an ipchains redirect rule instead of an
interface.  i played around with apache's "Listen" and "BindAddress"
directives to no avail.  i may simply not have played enough.

and i know i've gotten something like this to work before, a few months
back, but i can't tell what the difference is.

anyone have any experience with this and know what might be up here?

-tcl.


----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
making apache play nice., tc lewis <= Re: making apache play nice., Jeremy Hansen Re: making apache play nice., tc lewis Re: making apache play nice., Jeremy Hansen Re: making apache play nice., Michael Sparks Re: making apache play nice., tc lewis Re: making apache play nice., Wensong Zhang Re: making apache play nice., tc lewis Re: making apache play nice., tc lewis Re: making apache play nice., Jeremy Hansen Re: making apache play nice., tc lewis

Previous by Date:	Re: making apache play nice., tc lewis
Next by Date:	Re: making apache play nice., Jeremy Hansen
Previous by Thread:	Virtual server -NAT not working, Sandeep Tambe
Next by Thread:	Re: making apache play nice., Jeremy Hansen
Indexes:	[Date] [Thread] [Top] [All Lists]