LVS_NAT Doesn't work

To:	<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	LVS_NAT Doesn't work
From:	"xgao" <xgao@xxxxxxxxxxxxxxx>
Date:	Thu, 18 Apr 2002 14:24:06 +0800
Hello Joe

Thanks for the reply, but I still have some LVS NAT problem.
Here is my diagram
                 ________
#              |              |
#              | client      |
#              |________|
#                  | CIP=eth0 192.168.1.4
#                  |       __________
#                  |      |                  |
#                  |------| director     |
#                  |      |__________|
#                  | VIP=eth0  192.168.1.10
#                  | DIP=eth0:68 192.168.1.68
#                  |
#                  |
#     RIP=eth0  192.168.1.5
#  _________|_____
#  |                         |
#  | realserver1        |
#  |_____________ |
The client is a win2k
The director is a Pensacola Redhat enterprise server
The real server is a win2K runing apache listening 80 port
-------------------------------------------------
Here is my configure file
LVSCONF_FORMAT=1.1
LVS_TYPE=VS_NAT
INITIAL_STATE=on
CLEAR_IPVS_TABLES=yes
VIP=eth0 lvs 255.255.255.0 lvs
DIP=eth0:68 dip 192.168.1.0 255.255.255.0 192.168.1.255
DIRECTOR_GW=192.168.1.4
SERVICE=t 80rr rip:80
SERVER_NET_DEVICE=eth0
----------------------------------------------------
I run ./configure lvs_nat.conf and get the rc.lvs_nat file.
After I run the rc.lvs_nat, and type ipvsadm I can see
displaying ipvsadm settings

IP Virtual Server version 0.8.1 (size=65536)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port             Forward Weight ActiveConn InActConn
TCP  lvs:http rr
  -> rip:http                       Masq    1      0          0
but when I use client to browse the 192.168.1.10, it can not display the
page. And I back to my linux, I find InActConn get one hit. If I refresh the
client browser, InActConn will count to 2.
Actually, I have add the 192.168.1.68(DIP) as the default gateway of the
real server but it still doesn't work for me.
I follow your instruction to export rc.lsv_nat to a out file.
Here is the file.
looking for standard utilities
$ECHO=/bin/echo
$PING=/bin/ping -U -c 1
testing ping
ping can send one packet. is OK.
$FPING=/bin/ping -U -c 1
$IFCONFIG=/sbin/ifconfig
$NETSTAT=/bin/netstat
$ROUTE=/sbin/route
$AWK=/bin/awk
$AWK=/usr/bin/awk
$GREP=/bin/grep
$HOSTNAME_CMD=/bin/hostname
$UNAME_CMD=/bin/uname
$CAT=/bin/cat
$CUT=/bin/cut
$CUT=/usr/bin/cut
$TAIL=/usr/bin/tail
$XARGS=/usr/bin/xargs
$PS=/bin/ps
$KILL=/bin/kill
$WC=/usr/bin/wc
$TRACEROUTE=/usr/sbin/traceroute
$ARP=/sbin/arp
$ROUTE=/sbin/route
$TR=/usr/bin/tr
$EXPR=/usr/bin/expr
$CHMOD=/bin/chmod
$MV=/bin/mv
$RM=/bin/rm
$MKDIR=/bin/mkdir
$SSH=/usr/bin/ssh
$NTPD=/usr/sbin/ntpd
$IP=/sbin/ip
rc.lvs version 0.9.2 Aug 2001
(C) 2000-2001 Joseph Mack jmack@xxxxxxxx, distributed under GPL license
This file is part of the LVS project http://www.linuxvirtualserver.org
setting up pwLoadbalancer.patternware_cn

find_System_map
System.map
$SYSTEM_MAP=/boot/System.map
kernel series 2.4.9-26beta not handled by this code
you may get errors depending what you ask it to do.
supported are Linux 2.2.x and 2.4.x
Warning: kernel version  not 2.2. or 2.4
$LSMOD=/sbin/lsmod
$RMMOD=/sbin/rmmod
$INSMOD=/sbin/insmod
number nics on director 1
LVS director

Error: kernel series 2.4.9-26beta not 2.2 or 2.4
setting default policy to ACCEPT for LVS devices
Error kernel series 2.4.9-26beta unknown
clearing iptables/ipchain rules
Error: kernel series 2.4.9-26beta unknown
set_director_ip_forwarding on vs-nat director (1 on, 0 off).
set ip_forward ON for vs-nat director (1 on, 0 off).
proc/sys/net/ipv4/ip_forward 1

director is gw for realservers: turn off icmp redirects.
setting icmp redirects (1 on, 0 off)
/proc/sys/net/ipv4/conf/all/send_redirects 0
/proc/sys/net/ipv4/conf/default/send_redirects 0
/proc/sys/net/ipv4/conf/eth0/send_redirects 0

device eth0 has VIP 192.168.1.10
new VIP device == old VIP device, don't reinstall
device eth0 has VIP 192.168.1.10 and is UP
removing 192.168.1.10 from eth0

adding ethernet device and routing for VIP 192.168.1.10
listing ifconfig info for VIP 192.168.1.10
eth0      Link encap:Ethernet  HWaddr 00:50:BA:11:34:9B
          inet addr:192.168.1.10  Bcast:192.168.1.10  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:71 errors:0 dropped:0 overruns:0 frame:0
          TX packets:78 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:7131 (6.9 Kb)  TX bytes:9536 (9.3 Kb)
          Interrupt:11 Base address:0xc800

checking VIP 192.168.1.10 is reachable from self (director): PING
192.168.1.10 (192.168.1.10) from 192.168.1.10 : 56(84) bytes of data.
64 bytes from 192.168.1.10: icmp_seq=0 ttl=255 time=82 usec

--- 192.168.1.10 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.082/0.082/0.082/0.000 ms
listing routing info for VIP 192.168.1.10
192.168.1.10    0.0.0.0         255.255.255.255 UH       40 0          0
eth0


clearing ipvsadm table
installing LVS services with ipvsadm
initialising persistence for 192.168.1.10 to N
persistence for 192.168.1.10 N
non-persistent service on 192.168.1.10:http
checking if server rip is reachable from director: PING rip (192.168.1.5)
from 192.168.1.69 : 56(84) bytes of data.
64 bytes from rip (192.168.1.5): icmp_seq=0 ttl=128 time=194 usec

--- rip ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/mdev = 0.194/0.194/0.194/0.000 ms

displaying ipvsadm settings
IP Virtual Server version 0.8.1 (size=65536)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port             Forward Weight ActiveConn InActConn
TCP  lvs:http rr
  -> rip:http                       Masq    1      0          0

checking for valid server_gw for vs-nat LVS.
NUM_SERVER_GW = 1
default gw 192.168.1.69 for the vs-nat servers is on director, good
DIRECTOR_GW=192.168.1.4
installing default gw  for vs-nat
not installing a default gw for LVS_TYPE vs-nat
DIRECTOR_GW=192.168.1.4
setup_director_masq_table: Error kernel series 2.4.9-26beta unknown
not adding filter rules.
ntpd not running, won't be restarted

The location of the output files rc.lvs, mon.cf and ntp.conf is the default
= ./
You can change this by editing the variables $rc_lvs_home, $rc_mon_home,
$rc_ntp_home


Errors: 5
Some of these errors are from tests that failed.
If you're experimenting, it's possible that the LVS will work.
If you're doing production, you can't assume that the LVS will work.

Your LVS may not be setup properly.

Warnings: 1
The configure script has encountered an unexpected situation.
Your LVS will probably run (it may not do what you want).
It would be reasonable to try your LVS first,
since it will likely work at least partially.

It is possible that the conf file has invalid information
(or the configure script has a bug).
If you suspect a bug in the script, please contact jmack@xxxxxxxx
or post to the LVS mailing list lvs-users@xxxxxxxxxxxxxxxxxxxxxx
(You can always run rc.lvs manually on director/real-servers.)


After I run the rc.lvs_nat file, I find the eth0:68, a alias of the eth0 is
lost and I can not use mozila to visit internet. I am pretty sure I do
nothing on iptables except configure and run the lvs script.

Can you tell me where is my mistake?

Regards
xiao
<Prev in Thread]	Current Thread	[Next in Thread>
LVS_NAT Doesn't work, xgao <= Re: LVS_NAT Doesn't work, Joseph Mack RE: LVS_NAT Doesn't work, jlobascher Re: LVS_NAT Doesn't work, xgao Re: LVS_NAT Doesn't work, Joseph Mack
Previous by Date:	re: LVS with JAVA RMI Registry?, lidsa
Next by Date:	What's wrong with iptables?, lidsa
Previous by Thread:	LVS with JAVA RMI Registry?, jlobascher
Next by Thread:	Re: LVS_NAT Doesn't work, Joseph Mack
Indexes:	[Date] [Thread] [Top] [All Lists]