|
I've looked at the docs on lvs.org and browsed through the mailing list
archives but
I have a question about setting up lvs with ipip encapsulation across different
networks.
[root@lb1 /root]# ipvsadm -L -n
IP Virtual Server version 0.9.16 (size=16384)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 209.8.170.38:22 rr
-> 38.XX.XXX.XXX:22 Tunnel 1 0 1
-> 192.168.33.114:22 Tunnel 1 0 1
-> 192.168.33.113:22 Tunnel 1 0 0
[root@lb1 /root]#
The 209.8.170.38 is a virtual ip address that the lvs looks at. The relevant
ifconfig for the LVS is:
eth1:0 Link encap:Ethernet HWaddr 00:D0:B7:1E:8D:57
inet addr:209.8.170.38 Bcast:209.8.170.38 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:5 Base address:0xee80 Memory:d0875000-d0875900
(I'm using eth1 because it has an IP address on the net with the VIP, is this
necessary or a problem?)
The relevant ifconfig on the private net servers is:
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:209.8.170.38 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
in both cases I've done the (route add -host 209.8.170.38 dev eth1:0/tunl0
respectively).
The ifconfig on the othernet server was done the same way as the private net
servers.
However if I try to ssh VIP I just hang. Doing an ipvsadm -L -n shows me that I
have inactive connections on both private net servers and other net servers.
IP Tunneling is directly compiled into my 2.2.17 kernel, as is Net firewalls,ip
forwarding,ip firewalling, ip masq and all the IPVS patch stuff. On the
servers IP
tunneling is also directly compiled into the kernels.
Any help would be greatly appreciated, even if it's a RTFM with a pointer to the
right manual :)
Jeffrey Schoolcraft
|
