Re: Setting up a lvs-tun working...

[Malcolm Turnbull <malcolm@xxxxxxxxxxxxxxxx>]

Mathieu,

How are you handling the ARP problem on the real server ?
Hidden interface patch or iptables redirect ?


Regards,

Malcolm Turnbull.

Loadbalancer.org Limited
+44 (0)7715 770523
http://www.loadbalancer.org/


" When a single point of failure is not an option"

Why not try our online demonstration 
<http://www.loadbalancer.org/demo.html> ? Or get answers to common 
questions <http://www.loadbalancer.org/fud.html> ?


Mathieu Collas wrote:

> Hello
>
> Thank you for your reply :)
>
> I tried to setup the free versions (nat, dr and tun), and none of the 3
> work...
>
> My goal is to make a tun version work, but as i failed to set it up, i tried
> to make a DR version, and then a nat version.... for the 3 version, i block
> at the same state, the connection is received by the realserver, but no
> reply arrive to the client...
>
>
> Some explanations :
>
> I have 2 box, 1 NIC on each box in a datacenter (i have no acces). 1 public
> IP per box, and no VIP.
>
> Here are the command i tried for the tun version :
>
> INFOs :
> IP of the director 213.186.56.124
> IP of the realserver : 213.186.58.33
>
> Tunnel :
>    IP of the director 192.168.129.1
>    IP of the realserver 192.168.129.100
>
> VIP 192.168.129.66
>
>
>
> # director :
> ------------
>
> echo 0 >/proc/sys/net/ipv4/ip_forward
>
> echo 1 >/proc/sys/net/ipv4/conf/all/send_redirects
> echo 1 >/proc/sys/net/ipv4/conf/default/send_redirects
> echo 1 >/proc/sys/net/ipv4/conf/eth0/send_redirects
>
>
> ip tunnel add mode ipip tunl1 local 213.186.56.124 remote 213.186.58.33
> ip addr add dev tunl1 local 192.168.129.1 peer 192.168.129.100
> ip link set tunl1 up
>
> ifconfig eth0:66 192.168.129.66 broadcast 192.168.129.66 netmask
> 255.255.255.255
> route add -host 192.168.126.66 dev eth0:66
>
>
> ipvsadm -A -t 192.168.129.66:23
> ipvsadm -a -t 192.168.129.66:23 -r 192.168.129.100:23 -i
>
> # to send traffic to the VIP
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23 -j
> DNAT --to-destination 192.168.129.66
>
>
>
>
> # realserver :
> --------------
>
> echo 0 >/proc/sys/net/ipv4/ip_forward
>
> ip tunnel add mode ipip tunl1 local 213.186.58.33 remote 213.186.56.124
> ip addr add dev tunl1 local 192.168.129.100 peer 192.168.129.1
> ip link set tunl1 up
>
> ifconfig tunl0:66 192.168.129.66 broadcast 192.168.129.66
> route add -host 192.168.129.66 dev tunl1:66
>
>
>
> The tunnel works good (ping ok, telnet ok) and when i tried a "ping
> 213.186.56.124" from the outside, i can see the connection in ipvsadm, i can
> see the connection in the realserver too, but the reply never arrive to the
> client
>
>
>
> I have no idea why the reply can return to the client...
>
>
>
>
>
>
> ----- Original Message ----- 
> From: "Joseph Mack" <mack.joseph@xxxxxxx>
> To: "LinuxVirtualServer.org users mailing list."
> <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
> Sent: Tuesday, August 10, 2004 3:25 PM
> Subject: Re: Setting up a lvs-tun working...
>
>
>  
>
> > Mathieu Collas wrote:
> >    
> >
> > > Hello all !
> > >
> > > For 2 days now i'm trying to setting up a working lvs-tun... but it
> > >      
> still
>  
>
> > > doesn't work...
> > >      
> > have you followed the instructions in the mini-HOWTO for LVS-DR and got it
> > to work first?
> >
> > Joe
> > --
> > Joseph Mack PhD, High Performance Computing & Scientific Visualization
> > LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
> > Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
> > _______________________________________________
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://www.in-addr.de/mailman/listinfo/lvs-users
> >
> >    
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>