Newbie Problems with NAT RH 6.2, piranha-0.4.14-1, ipvsadm-1.1-2

[Shaun McCullagh <smccullagh@xxxxxxxxxxxxxxxxxxxxxxxxxx>]

Hi,

I'm trying a very simple LVS/NAT config with one LVS Router and one Real
Server.

Pulse starts up fine, and nanny gets the output from uptime on the real
server. The client browser can ping all the interfaces on both router
and the real server.

The problem is the client browser cannot retrieve any data from the
virtual server.

Tcpdump shows some data is exchanged, but nothing shows up in the apache
log on the real server when the client requests a page via the virtual
server running on the LVS router. 

The client browser can access the real server directly.

Any help would be greatly appreciated

TIA

    ________
   |        | 
   | client | 192.168.31.101/24
   |________|                           
       |          
       |  
       |                                                   
       |                                                   
 vs1 192.168.31.157/24 (eth0:1)                      
  192.168.31.148/24 (eth0)                              
  __________                                               
 |          |                                              
 | lvsmain  | VA Linux 2130, 2.2.14  
 |__________|                                              
 192.168.100.1(eth1)
 NAT Router 192.168.100.254 (eth1:1)                       
       |                                                   
    (switch)
       |
       |
 s3 = 192.168.100.5 (eth0)
 ____________
|            |
| realserver | VA Linux, 2.2.14.
|____________| default gw, 192.168.100.254
  
========================== lvs.cf
============================================

primary = 192.168.31.148
service = lvs
rsh_command = ssh
keepalive = 2
deadtime = 10
network = nat
nat_router = 192.168.100.254 eth1:1
virtual vs1 {
     active = 1
     address = 192.168.31.157 eth0:1
     port = 80
     load_monitor = uptime
     scheduler = wlc
     protocol = tcp
     timeout = 10
     reentry = 180

     server s3 {
         address = 192.168.100.5
         active = 1
         weight = 1000
     }
}
=======================================================================

Output from netstat, ipchains and ipvsadm

[root@fizz /root]# /sbin/ipvsadm
IP Virtual Server version 0.9.8 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP  C0A81F9D:0050 wlc
  -> C0A86405:0050      Masq    10000  0          0

[root@fizz /root]# ipchains -L -n
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target     prot opt     source                destination          
ports
MASQ       all  ------  192.168.100.0/24     0.0.0.0               n/a
Chain output (policy ACCEPT):

[root@fizz /root]# netstat -M
IP masquerading entries
prot   expire source               destination          ports
tcp   0:55.93 s3.information-innovation.com
io.information-innovation.com www -> 1344 (www)

[root@fizz /root]# lsmod
Module                  Size  Used by
ip_vs_wlc               1012   1  (autoclean)

========================================================================

-- 
Shaun McCullagh
Senior Unix Administrator
Information Innovation B.V. 
Amstelveenseweg 88 - 90 
1075 XJ Amsterdam 
tel: +31 20 589 5595
fax: +31 20 589 5566 
email: smccullagh@xxxxxxxxxxxxx 
url: http://www.goldridge.net/