Thanks, Joe. :) I really appreciate the help!
I'm recompiling my real server kernel as I type, and I'm hoping that I'll be
able to get things going when I set up my VIP on lo:0. The extra NICs
seemed like the easiest suggestion for getting around the ARP problem (and I
had 2 spares!), so that's what I chose to try that first... :)
Here is my lvs_dr.conf that I was using; I think that I've set it up
correctly. (I've defined lvs, director-inside, app1, app2, and gateway in
my /etc/hosts file).
VIP=eth0:0 lvs 255.255.255.255 lvs
DIRECTOR_INSIDEIP=eth0 director-inside 192.168.1.0 255.255.255.0
#no default gw for director with VS-DR or VS-Tun
SERVICE=t telnet rr app1 app2
SERVICE=t http rr app1 app2
BTW, I checked my ping, and indeed, I can do ping -c 1 -- the configure
script seemed to run beyond the "ping" section, but then at the end it
reported a fatal error... However, when I ran ipvsadm afterwards, it had
added all of the services that I'd wanted in there, so it didn't *really*
seem like it had failed...
Will I need $router_forwards to be defined at all?
Thanks again, I'll write again when I get the my newly compiled kernels
----- Original Message -----
From: "Joseph Mack" <mack.joseph@xxxxxxx>
Sent: Wednesday, April 25, 2001 11:51 AM
Subject: Re: Newbie: LVS-DR on 2.4.3
> Scott Jones wrote:
> > Hi Everybody,
> > So, I'm trying to get LVS-DR set up on three boxes (on director and 2
> > servers) for http (and later https). I'm trying to get telnet working
> > since it seems to be the most simple to get working. At this point, I
> > been able to get the director's kernel compiled with the ipvs patch, and
> > have run the configure perl script (I had to download perl-Net-DNS).
> > To get the rc.lvs_dr script to run without "fatal" errors on the
> > box, I had to install fping and ntp.
> hmm. I'd better fix that. If you're running configure-lvs-0.8, it will
> test your ping to see if it can be run with the -c 1 option.
> Can your ping be run with
> ping -c 1 machine_name(or IP)
> If it can't then you'll either need a newer ping or fping. The output
> from the rc.lvs file should show you what's going on here.
> ntp is something I put in to keep all machines synchronised.
> ntpd is not neccessary for the LVS. I didn't realise
> that the script would fail without it. Sorry about that.
> > I get a message that $router_forwards
> > is not set to Y|N (and that I'll be told which one to set it to when I
> > rc.lvs_dr on the real servers. When I run it on my real servers, I
> > get told which one to use...
> Hmm. It looks like I was too cryptic here. The instructions
> tell you to look if the director can ping the VIP. You then
> get a table of what to do next. I'll look into this.
> > To deal with the "ARP problem" (which I don't really understand beyond
> > fact that the real servers need to NOT respond to packets sent to the
> > unless they've been forwarded to the real server by the director -- is
> > a decent approximation of the problem?),
> that's it, you've got it.
> > I have installed an extra NIC in
> > each real server (they now have 3 apiece, and the VIP has been set up on
> > eth2), as suggested as a potential solution on the HOWTO
> > (http://www.linuxvirtualserver.org/Joseph.Mack/HOWTO/LVS-HOWTO-3.html).
> > When I run the rc.lvs_dr script on the real servers, I get:
> > Warning:
> > You are moving the VIP from one device
> > (presumably from a previous LVS installation),
> > to a different ethernet device.
> > (even though in my lvs_dr.conf I have the SERVER_VIP_DEVICE set to
> haven't tested this script with multiple NICs on the real-servers.
> > Then, it takes down my eth2 (so that ifconfig doesn't display eth2
> It's supposed to bring the VIP back up again. Obviously it hasn't.
> The script has been tested only with the VIP for VS-DR on an lo alias eg
> > The wierdest thing is that after running rc.lvs_dr on both real servers,
> > sending an http request (or begin a telnet session) to the VIP, I
> > get a response from ONLY ONE of the servers (and ipvsadm doesn't display
> > connection information for either http or telnet).
> Presumably the real-server is giving out arp replies for the VIP. On the
> client, ping the VIP and then look at the MAC address associated with the
> by doing arp -a. In your setup the MAC address will (incorrectly)
> be on the real-server.
> > It also doesn't seem to
> > matter whether I have the VIP up or not on the real server...
> hmm, not sure about this one. Let's leave it till last. I expect it
> will clear up with the other problems.
> > Does anyone have any suggestions for me? I think that I going for
> > much the most basic configuration possible (but if anybody has any
> > suggestions, that'd be great!).
> How about you put the SERVER_VIP_DEVICE to lo:0 until I get my script
> fixed. If you're running a 2.2.x real-server, the script will handle
> the arp problem for you. If you're running a 2.4.x real-server you'll
> have to patch the real-server kernel before running the rc.lvs script.
> See the link at the bottom of this section.
> Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
> contractor to the National Environmental Supercomputer Center,
> mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA