|
> I am setting up a LVS/DR cluster with 2 nodes(FreeBSD), but It doesn't work.
> 1. LVS dosen't forward http request packet to the real server..
> 2. I don't know how FreeBSD(real server) can avoid arp request..
> Second, Here's my ipvsadm output:
> [root@LVS /]# ipvsadm -L -n
> IP Virtual Server version 0.9.7 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 203.231.63.70:www rr
> -> 255.255.255.255:52199 Masq 4194304 0 0
>
> Last output line seems wrong,, I think It should look like this.. right?
>
> TCP 203.231.63.70:www rr
> -> 203.231.63.71:80 route 1 0 0
> -> 203.231.63.72:80 route 1 0 0
>
> **How can I fix this thing??
you are probably using a version of ipvsadm that doesn't match the ipvs.
> Second problem:
>
> As you know.. in LVS cluster, real servers should not reply to arp request
> that
> asks VIP's MAC address.. Only LVS should reply to that arp request..
there are many ways of handing the arp problem. Arranging for the real-servers
to not reply
to arp requests is one of them, but there are others (see the HOWTO).
> I have an idea about it.. Let the real server reply to client's arp
> request(for VIP)
> with LVS's hardware address.. then all client's packet that towards VIP go
> to the LVS..
> That's a good idea..
> so I commanded like this..
>
> arp -s 203.231.63.70 00:10:5A:76:02:49 pub
>
> 203.231.63.70 is VIP and 00:10:5A:76:02:49 is LVS's MAC address..
>
> I got a meessage :
> set: proxy entry exists for non 802 device
>
> without 'pub' flag :
> set: can only proxy for 203.231.63.70
on Linux, the 'pub' flag fails too, but without it's fine. I don't know what
your messages are about.
What you are doing is putting an entry into the real-server's arp table telling
it how to find the ethernet card with the VIP. The real-server doesn't need to
know where the VIP is. It already knows that it's local.
The machine that needs to know the MAC address of the VIP is the router. You can
put
an arp entry for the VIP into the router's arp table instead. This should fix
the problem.
AFAIK ifconfig on BSD has a -arp option, which should turn off arp replies from
your
real-servers.
Another way then to handle the arp problem would be to try a command like
SVR1# ifconfig lo0 alias $VIP netmask 0xffffffff -arp up
(this is from ratz, who figured all these things out, but we haven't had a lot
of people test them yet.)
When you get it to work, can you send me the commands you used to set up your
lvs?
Thanks
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
