LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: making apache play nice.

To: Wensong Zhang <wensong@xxxxxxxxxxxx>
Subject: Re: making apache play nice.
Cc: Michael Sparks <michael.sparks@xxxxxxxxx>, lvs-users@xxxxxxxxxxxxxxxxxxxxxx, loul@xxxxxxxx, Mike Jurney <mikej@xxxxxxxxxx>
From: tc lewis <tim@xxxxxxxxxx>
Date: Fri, 14 Jan 2000 10:50:21 -0500 (EST)
...and apache (and its virtual hosts) now works fine with no special
Listen/BindAddress directives.  =)

perfect.

-tcl.


On Fri, 14 Jan 2000, tc lewis wrote:

> 
> laugh.  i figured out what's wrong.
> thanks to jeremy hansen for pointing it out, but i needed ip forwarding
> enabled on my real servers.  a swift "echo 1 >
> /proc/sys/net/ipv4/ip_forward" made it work for me right away.  didn't
> test all the apache stuff, but the telnet/port 23 stuff works fine.
> 
> i feel dumb.  =)
> 
> thanks!
> 
> -tcl.
> 
> 
> On Fri, 14 Jan 2000, tc lewis wrote:
> 
> > 
> > 
> > On Fri, 14 Jan 2000, Wensong Zhang wrote:
> > 
> > > tc lewis wrote:
> > > > 
> > > > ok, this definitely makes sense.
> > > > solution 1 won't work for me (way way way too many sites).  =)
> > > > solution 2 i just don't like, heh.
> > > > solution 3 is wise.
> > > > 
> > > 
> > > Solution 3 is good for performance, and easy to maintain for virtual
> > > hosting. The httpd.conf of Apache is the same for all the web servers,
> > > so you can edit one and copy it to all other servers.
> > 
> > 
> > beautiful.  =)
> > 
> > 
> > 
> > > > i'm trying to switch to vs-dr.
> > > > i now have:
> > > > [root@jammer /root]# /sbin/ipvsadm
> > > > IP Virtual Server version 0.8.3 (size=4096)
> > > > Protocol LocalAddress:Port Scheduler Flags
> > > >       -> RemoteAddress:Port    Forward Weight ActiveConn InActConn
> > > > TCP 206.245.168.31:80 rr
> > > >       -> 192.168.123.3:80      Route   1      0          0
> > > >       -> 192.168.123.2:80      Route   1      0          0
> > > > 
> > > > real servers are the same.
> > > 
> > > No, this won't work.
> > > 
> > > You need configure the 206.245.168.31 on a non-arp interface alias or
> > > use Horm's redirect approach for the LVS/DR. Please have a look at
> > > http://www.LinuxVirtualServer.org/arp.html for more information.
> > > 
> > > You probably need to configure external IP address on the real servers
> > > too, so that the outgoing packets don't go through the load balancer,
> > > but follow their own routes.
> > > 
> > > Hope it helps,
> > > 
> > > Wensong
> > 
> > 
> > er, hold on.  that was on my director machine.
> > 
> > i switched around some ips--thought it might be an internal network thing.
> > here's what i have now:
> > 
> > DIRECTOR:
> > [root@jammer /root]# /sbin/ifconfig -a
> > eth0      Link encap:Ethernet  HWaddr 00:E0:29:34:74:D1
> >           inet addr:206.245.168.30  Bcast:206.245.168.255
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:10856 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:6556 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:100
> >           Interrupt:12 Base address:0xe400
> > eth0:0    Link encap:Ethernet  HWaddr 00:E0:29:34:74:D1
> >           inet addr:206.245.168.31  Bcast:206.245.168.255
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           Interrupt:12 Base address:0xe400
> > lo        Link encap:Local Loopback
> >           inet addr:127.0.0.1  Mask:255.0.0.0
> >           UP LOOPBACK RUNNING  MTU:3924  Metric:1
> >           RX packets:154 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:154 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0 
> > [root@jammer /root]# /sbin/ipchains -L
> > Chain input (policy ACCEPT):
> > Chain forward (policy ACCEPT):
> > Chain output (policy ACCEPT):
> > [root@jammer /root]# /sbin/ipvsadm
> > IP Virtual Server version 0.8.3 (size=4096)
> > Protocol LocalAddress:Port Scheduler Flags
> >       -> RemoteAddress:Port    Forward Weight ActiveConn InActConn
> > TCP 206.245.168.31:80 rr
> >       -> 206.245.168.33:80     Route   1      0          0
> >       -> 206.245.168.32:80     Route   1      0          0         
> > 
> > 
> > 
> > REAL SERVER (206.245.168.32):
> > [root@one /root]# /sbin/ifconfig -a
> > eth0      Link encap:Ethernet  HWaddr 00:E0:29:2A:D9:DC
> >           inet addr:206.245.168.32  Bcast:206.245.168.255
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:7646 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:1566 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:100
> >           Interrupt:12 Base address:0xe400
> > lo        Link encap:Local Loopback
> >           inet addr:127.0.0.1  Mask:255.0.0.0
> >           UP LOOPBACK RUNNING  MTU:3924  Metric:1
> >           RX packets:39 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> > [root@one /root]# /sbin/ipchains -L
> > Chain input (policy ACCEPT):
> > target     prot opt     source                destination           ports
> > REDIRECT   tcp  ------  anywhere             telnet-stream.iuinc.com  any
> > ->   www => www
> > Chain forward (policy ACCEPT):
> > Chain output (policy ACCEPT):
> > 
> > 
> > REAL SERVER (206.245.168.33):
> > [root@two /root]# /sbin/ifconfig -a
> > eth0      Link encap:Ethernet  HWaddr 00:E0:29:34:95:B6
> >           inet addr:206.245.168.33  Bcast:206.245.168.255
> > Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:6979 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:948 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:100
> >           Interrupt:12 Base address:0xe400
> > lo        Link encap:Local Loopback
> >           inet addr:127.0.0.1  Mask:255.0.0.0
> >           UP LOOPBACK RUNNING  MTU:3924  Metric:1
> >           RX packets:35 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:35 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> > [root@two /root]# /sbin/ipchains -L
> > Chain input (policy ACCEPT):
> > target     prot opt     source                destination           ports
> > REDIRECT   tcp  ------  anywhere             telnet-stream.iuinc.com  any
> > ->   www => www
> > Chain forward (policy ACCEPT):
> > Chain output (policy ACCEPT):
> > 
> > 
> > CLIENT:
> > CIP: 205.147.201.9
> > [tcl@devel tcl]$ telnet 206.245.168.31 80
> > Trying 206.245.168.31...
> > 
> > <hangs...>
> > 
> > when it does, the director shows an inactive connection:
> > [root@jammer /root]# /sbin/ipvsadm
> > IP Virtual Server version 0.8.3 (size=4096)
> > Protocol LocalAddress:Port Scheduler Flags
> >       -> RemoteAddress:Port    Forward Weight ActiveConn InActConn
> > TCP 206.245.168.31:80 rr
> >       -> 206.245.168.33:80     Route   1      0          1
> >       -> 206.245.168.32:80     Route   1      0          0         
> > 
> > 
> > what am i missing here?
> > 
> > oh, "telnet-stream.iuinc.com" above is just 206.245.168.31.  i haven't
> > fixed dns for all those ips yet.
> > 
> > i thought it might be some apache listening thing, so i tried it with
> > telnet and port 23 instead with the same setup as above, and it's doing
> > the same thing.
> > 
> > maybe i misread documentation somewhere, but i thought this was a proper
> > setup...
> > 
> > thoughts?
> > 
> > -tcl.
> > 
> > 
> > 
> > - - - - -
> > 
> > 
> > 
> > > > i threw a "Listen 206.245.168.31:80" in my apache config for kicks.
> > > > now i'm not getting connections at all.
> > > > 
> > > > i'm assuming this has something to do with the fact that my client 
> > > > machine
> > > > and my real servers can't contact each other because the real servers 
> > > > are
> > > > internal 192.168.123.x addresses.  i still have masquerading setup 
> > > > (using
> > > > my director as the gateway just for convenience), but that doesn't seem 
> > > > to
> > > > be working.  so i added a 192.168.123.0/24 route to my client machine 
> > > > and
> > > > a 205.147.201.0/24 route to the real servers (they're behind the same
> > > > router) to see if that would help, but it still doesn't.  no connections
> > > > at all...
> > > > 
> > > > [tcl@devel tcl]$ telnet 206.245.168.31 80
> > > > Trying 206.245.168.31...
> > > > 
> > > > <hang forever>...
> > > > 
> > > > i'm guessing this may still have something to do with the real servers
> > > > being unroutable ips, even tho it shouldn't be trying to route through
> > > > anything...hmm...i'm confused.  =)
> > > > 
> > > > any ideas?
> > > > 
> > > > -tcl.
> > > >
> > > 
> > > ----------------------------------------------------------------------
> > > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
> > > For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
> > > 
> > > 
> > 
> > 
> > ----------------------------------------------------------------------
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
> > For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
> > 
> > 
> 
> 
> ----------------------------------------------------------------------
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
> For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
> 
> 

<Prev in Thread] Current Thread [Next in Thread>