|
Un fortunately, mine seems to be translating the port to 0.
On a windows machine, I do 'telnet virtualhost 9999'
Running tcpdump on the real host, I see this:
08:54:05.707900 windowsmachine.64551 > 192.168.1.2.0: S 59460022:59460022(0)
win 8192 <mss 1460,nop,nop,sackOK> (DF)
08:54:05.708164 192.168.1.2.0 > windowsmachine.64551: R 0:0(0) ack 1 win 0
Running 'ipchains -M -L' on the ipvs machine, shows this entry:
TCP 00:04.63 192.168.1.2 windowsmachine 0 (9999) -> 64551
Looks to me, unfortunately, that the port *is* being translated to 0. Again,
this is with Kernel 2.2.15, ipvs 0.9.12. The commands issued to set this up
were:
ipchains -A input -d virtualhost -m 1
ipvsadm -A -f 1 -s rr
ipvsadm -a -f 1 -r 192.168.1.2 -m
A side note, this is on Debian 2.2(potato).
-----Original Message-----
From: Horms [mailto:horms@xxxxxxxxxxxx]
Sent: Saturday, May 20, 2000 3:37 PM
To: Clint Byrum
Cc: Lvs-Users
Subject: Re: FWmark & Masq destination port.
On Sat, May 20, 2000 at 12:27:01PM -0700, Clint Byrum wrote:
> I've just been messing with 0.9.12(kernel 2.2.15), and the new FWmark
> virtual service mode.
> It works great, but I'd like to know of a way to have the destination port
> remain unchanged.
> What I mean is this.
>
> Virtualhost needs to serve several ports. The load balancer marks all
> packets to it with
> fwmark 1. There are then two real servers that do the actual serving.
>
>
> ipchains -A input -d virtualhost -m 1
> ipvsadm -A -f 1 -s rr
> ipvsadm -a -f 1 -r real1 -m
> ipvsadm -a -f 1 -r real2 -m
>
> Unfortunately, this causes packets to be delievered to the real servers
with
> destination
> ports of 0. It would seem more logical to leave the destination port
> unchanged, if it is
> not specified.
My testing indicates that when fwmark services are used the
port (0 or otherwise) specified for the real server is ignored and
the destination port is left unchanged. I will update the output
and documentation of ipvsadm to reflect this more accurately.
--
Horms
|
