|
Well i checked ,double checked ...
The hiding doesnt apply to my setup 'cause i have the director in one net and
the RS in another ... i did a mistake ... the .77 is in the same net as
212.43.221.128/27.
now i'm sure my problem is about routing ...
so:
the "demo" machine is gone ...now i'm using "212.43.218.152" as the director ...
i'm not sure if the vip has to be in the Director's net or not, or does it make
it more complicated,...
so :
on the Director : eth0:0 == VIP.
on the Real : tunl0 == VIP.
this i'm sure of!
now the routing :
what i understood was:
i'm almost sure i'm screwing up here !
Director: it's route to VIP is eth0:0
Real : it's route to VIP is tunl0
ipvsadm on the director :
ipvsadm -A -t 212.43.218.77:22
ipvsadm -a -t 212.43.218.77:22 -r 212.73.232.232:22
My VIP == 212.43.218.77
My Dir == 12.43.218.152
My NewReal == 212.73.232.232
On Thu, 11 Oct 2001 01:38:30 +0000 (GMT)
Julian Anastasov <ja@xxxxxx> wrote:
:)
:) Hello,
:)
:)On Thu, 11 Oct 2001, djamil wrote:
:)
:)> oh ! thank you for replaying !
:)> well you must be right, altho i followed some of the examples at the
:)site [about the netmask and broadcast addresses].... because when i run
:)ssh in debug mode it finally got me an error message : no route to host
:)!
:)
:) Following the examples is not always enough :)
:)
:)> and mozilla finally got me an connection refused ....
:)> for hiding it i will try it tomorow [it's 00:00 here hehe !]
:)>
:)> but even after reading the docs i thaught i wouldn have because "UP
:)RUNNING NOARP" in the ifconfig ...
:)
:) Make your tcpdumps. NOARP does not play here. Where are these
:)wrong docs?
:)
:)> also there is a firewall altho i double checked the trafic needed does
:)go thru, unless u tell me there must be a special "opening" which would
:)be surprizing 'cause ipip should be just another packet like another
:).... just a little bit longer ...
:)>
:)> i hope you have noticed the two machines are in two different
:)dataceters ...
:)
:) I see these different networks:
:)
:)1. 212.43.221.77/32
:)2. 212.43.221.128/27
:)3. 212.73.232.192/26
:)
:)You have the assumption that (1) can talk ARP with (3)
:)
:)> also: .200 pings .146 and vice-vers-ca
:)>
:)> .200 pings .77 internally
:)> .146 pings .77 internally
:)>
:)> i hope this is normal !
:)
:) ping to local IP is not enough for this setup to work. You
:)have to persuade gateway 212.73.232.193 to reply to ARP
:)probes in the form "who-has 212.73.232.193 tell 212.43.221.77".
:)If you hide 221.77 the probe will be "who-has 212.73.232.193 tell 200"
:)
:)> snap-snap
:)>
:)> > >
:)> > > eth0:0 Link encap:Ethernet HWaddr 00:D0:B7:00:B1:DC
:)> > > inet addr:212.43.221.77 Bcast:212.43.221.77
:)Mask:255.255.255.255
:)> > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
:)> > > Interrupt:10
:)> >
:)> > Are you sure that you can talk with 221.77? I don't see valid
:)> > network for it, it is not from the 221.146/27 network.
:)>
:)> what do u mean ? is the Bcast/Mask wrong ?
:)> i wish it is so i can move on !
:)
:) 221.146/27 covers 221.128 - 221.159, 77 is not there but I don't
:)understand your setup completely. An ASCII chart would be helpful if
:)you still can't find the problem with tracing. In any case, next step
:)is we to see a tcpdump output for your real test from client host.
:)
:)
:)Regards
:)
:)--
:)Julian Anastasov <ja@xxxxxx>
:)
:)
:)_______________________________________________
:)LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
:)Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
:)or go to http://www.in-addr.de/mailman/listinfo/lvs-users
:)
--
Djamil ESSAISSI
Tel:01.58.64.22.44 - Fax:01.58.64.26.81
System Administrateur / Support Technique
www.francexpress.com - www.serveur-express.com
|
