> I am trying to implement the two node ha/load balanced topology. I've been
> successful with the ha part, the servers will fail over, but I've been
> unable to get load balancing to work.
50% of the way ...
> I've got two identical http servers running Red Hat 7.3 and
> 2.0. The kernels are stock Red Hat 2.4.18-19.7.xsmp kernels. I'd like to
> stick with the stock kernel. I'm trying to use the iptables method for the
> virtual ip address.
I use redhat kernels in my setups. I like the extensive testing they get.
I would recommend that you use the src.rpm kernels with redhat's default
.config and go from there. I'm not certain if compiles with RH 7.3 but I
would guess that it does. Don't use RH 8.0.
FYI, RH modifies netfilter with patches to make REDIRECT work. If you
switch to something else later you will have to keep this in mind.
> iptables -t nat -A PREROUTING -p tcp -d 10.1.57.100 --dport 80 -j REDIRECT --to-port 80
Mine looks the same as yours :)
# LVS black-magic (transparent proxy solution for solving ARP problem)
# 11 = sidestep client, 13 = maps, 14 = images, 15 = www
$IPTABLES -t nat -A PREROUTING -p tcp -d 18.104.22.168 --dport 80 -j REDIRECT --to-port 80
$IPTABLES -t nat -A PREROUTING -p tcp -d 22.214.171.124 --dport 443 -j REDIRECT --to-port 443
I use 10. You'll have to modify this over time for your site.
Mine is 15.
Switch autoreload to =no; it is buggy.
> real=10.1.57.3:80 gate
> real=10.1.57.4:80 gate
> receive="test page"
You might want to add a 10 second persistency here. At least on my setup it
seems to help. The man page isn't too informative here...
" persistent = n
Number of seconds for persistent client connections."
> ultux3 IPaddr::10.1.57.100/24 ldirectord::ldirectord.cf
> ultux4 IPaddr::10.1.57.100/24 ldirectord::ldirectord.cf
This is a FAQ on the linux-ha mailing list. You absolutely must have the
same haresources on both servers. I know what you have seems intuitive, but
trust me it is wrong. Change it to the same. I also recommend setting
nice_failback to "on" in ha.cf.
I think your non-loadbalancing issue is ARP-related. If you have the
flexibility, try looking at your ARPs on the switches and the real server
that is getting all the traffic. If this doesn't help, provide more
information on what is going on (ipvsadm -L -n output, tcpdumps).
Hope it helps.
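
The check suggested above (reading `ipvsadm -L -n` to see whether one real server is taking all the traffic) can be scripted. This is an added example, not part of the original message: `lvs_balance_report` and `sample_listing` are hypothetical names, and the listing is constructed from the addresses quoted in the thread.

```shell
#!/bin/sh
# Summarise per-real-server connection counts from `ipvsadm -L -n` output.
# Reads the listing on stdin, prints one line per real server plus a verdict,
# and returns non-zero when one real server of a multi-server virtual service
# holds every connection (the symptom described in the thread).
# lvs_balance_report is a hypothetical helper name, not part of ipvsadm.
lvs_balance_report() {
    awk '
    # Virtual service line, e.g. "TCP  10.1.57.100:80 rr"
    $1 == "TCP" || $1 == "UDP" { vip = $2; next }
    # Real server line, e.g. "  -> 10.1.57.3:80  Route  1  0  0".
    # The column header also starts with "->", so require numeric counters.
    $1 == "->" && $5 ~ /^[0-9]+$/ && $6 ~ /^[0-9]+$/ {
        key = vip " " $2
        if (!(key in conns)) order[++n] = key
        conns[key] = $5 + $6          # ActiveConn + InActConn
        svc[key] = vip
        total[vip] += $5 + $6
        count[vip]++
    }
    END {
        bad = 0
        for (i = 1; i <= n; i++) {
            key = order[i]; v = svc[key]
            pct = (total[v] > 0) ? 100 * conns[key] / total[v] : 0
            printf "%s conns=%d share=%.0f%%\n", key, conns[key], pct
            if (count[v] > 1 && total[v] > 0 && conns[key] == total[v]) bad = 1
        }
        print (bad ? "UNBALANCED" : "OK")
        exit bad
    }'
}

# Constructed sample listing (not captured from a real director).
sample_listing() {
    cat <<'EOF'
IP Virtual Server version 1.0.4 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.1.57.100:80 rr
  -> 10.1.57.3:80                 Route   1      0          0
  -> 10.1.57.4:80                 Route   1      12         340
EOF
}

# On a director this would be: ipvsadm -L -n | lvs_balance_report
sample_listing | lvs_balance_report || true
```

An UNBALANCED verdict only confirms the symptom; the ARP tables on the switches and real servers still have to be inspected to find the cause.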