Packets aren't returning to host

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Packets aren't returning to host
From:	Marc Tardif <mtardif@xxxxxxxxxxx>
Date:	Sun, 24 Aug 2003 16:20:19 -0400

linux kernel 2.4.21
ipvs and ipvsadm installed from ipvs 1.0.10 tarball

I can get ip_vs to redirect incoming packets on port 80 to an internalbox, but I can't seem to return these packets to the calling host.Here's my network setup:


  external        gateway        internal
  --------        -------        --------
  192.168.0.68 -> 192.168.0.2
                  10.9.201.2  -> 10.9.201.225

The gateway has the following interfaces and filtering configuration(command outputs have been shortened):


  # ifconfig
  eth0 inet addr:10.9.201.2  Bcast:10.9.201.255  Mask:255.255.255.0
  eth1 inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
  # ipvsadm -L
  TCP  192.168.0.2:http wlc
    -> 10.9.201.225:http     Masq    1      0          0
  # ipchains -L
  Chain forward (policy ACCEPT):
  target     prot opt     source                destination
  MASQ       all  ----l-  10.9.201.0/24        anywhere


The internal box has the gateway configured as a default gateway:

  # netstat -rn
  Kernel IP routing table
  Destination     Gateway         Genmask         Flags  Iface
  10.9.201.0      0.0.0.0         255.255.255.0   U       eth0
  192.168.0.0     10.9.201.2      255.255.255.0   UG      eth0

This is the tcpdump on the gateway generated by the external boxattempting to telnet to port 80 of the gateway:

15:34:21.737622 192.168.0.68.1071 > 10.9.201.225.http: S855275531:855275531(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)15:34:21.737927 10.9.201.225.http > 192.168.0.68.1071: S4039057286:4039057286(0) ack 855275532 win 5840 <mss1460,nop,nop,sackOK> (DF)15:34:24.651755 192.168.0.68.1071 > 10.9.201.225.http: S855275531:855275531(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)15:34:24.652003 10.9.201.225.http > 192.168.0.68.1071: S4039057286:4039057286(0) ack 855275532 win 5840 <mss1460,nop,nop,sackOK> (DF)15:34:24.728277 10.9.201.225.http > 192.168.0.68.1071: S4039057286:4039057286(0) ack 855275532 win 5840 <mss1460,nop,nop,sackOK> (DF)

Problem is, the external box hangs on the telnet and never seems to geta response via the gateway. Maybe the problem is that it's expecting ananswer from 192.168.0.2 whereas the tcpdump is showing a packet arrivingfrom 10.9.201.225. Can someone point me in the right direction? I'vefollowed the exact installation instructions on the virtual server website:

http://www.linuxvirtualserver.org/VS-NAT.html

More explicitly, I've run the following commands:

  # echo 1 > /proc/sys/net/ipv4/ip_forward
  # ipchains -l -A forward -j MASQ -s 10.9.201.0/24 -d 0.0.0.0/0
  # ipvsadm -A -t 192.168.0.2:80 -s wlc
  # ipvsadm -a -t 192.168.0.2:80 -r 10.9.201.225:80 -m

--
Marc Tardif
Sitepak
(514) 866-8883

<Prev in Thread]	Current Thread	[Next in Thread>
Packets aren't returning to host, Marc Tardif <= Re: Packets aren't returning to host, Andy Harding Re: Packets aren't returning to host, Horms Re: Packets aren't returning to host, Horms Re: Packets aren't returning to host, Marc Tardif Re: Packets aren't returning to host, Horms IDENT protocol and DR, Kjetil Torgrim Homme Re: IDENT protocol and DR, Horms Re: IDENT protocol and DR, Joseph Mack Re: IDENT protocol and DR, Kjetil Torgrim Homme Re: IDENT protocol and DR, Joseph Mack

Previous by Date:	LVS T-shirt iron-on available (once in a lifetime offer made again), Joseph Mack
Next by Date:	Re: Packets aren't returning to host, Andy Harding
Previous by Thread:	LVS T-shirt iron-on available (once in a lifetime offer made again), Joseph Mack
Next by Thread:	Re: Packets aren't returning to host, Andy Harding
Indexes:	[Date] [Thread] [Top] [All Lists]