
Re: Setting up a lvs-tun working...

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Setting up a lvs-tun working...
From: Todd Lyons <tlyons@xxxxxxxxxx>
Date: Tue, 10 Aug 2004 09:20:52 -0700

Mathieu Collas wanted us to know:

>I tried to use that :
>
>
>echo 2 >/proc/sys/net/ipv4/conf/all/arp_ignore
>echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
>echo 2 >/proc/sys/net/ipv4/conf/tunl0/arp_ignore
>echo 2 >/proc/sys/net/ipv4/conf/tunl0/arp_announce

This requires a 2.6.4 or higher kernel or a 2.4.26 or higher kernel.

>but this seems to have no effect...

Makes me think you're using an older 2.4.x.

>> >I tried to setup the free versions (nat, dr and tun), and none of the 3
>> >work...

I'd ignore NAT for now as that's an architecturally different solution,
whereas DR and TUN are architecturally the same (minus the tunnel).

>> >My goal is to make a tun version work, but as i failed to set it up, i tried
>> >to make a DR version, and then a nat version.... for the 3 version, i

Get the DR version to work and your TUN version will work with very
little modifications.

>> >at the same state, the connection is received by the realserver, but no
>> >reply arrive to the client...

Sounds like the arp problem.

Here's what I set on my realservers (2.6.5 kernel BTW) for the routing
to work properly between the private network (10.x.x.x) and the public
load balanced IP (64.x.x.x):

smtp1 root # tail -6 /etc/sysctl.conf 
# For load balanced machines
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

>> >I have 2 box, 1 NIC on each box in a datacenter (i have no access). 1 public
>> >IP per box, and no VIP.

Hmmm, only one NIC?  I tend to think you'd have problems trying to get
NAT to work with only 1 NIC anyway.  But it works just fine with DR.  So
(again), get DR working first.  In the LVS Howto, pay particular
attention to section 5.6 (The cure for the arp problem in 2.6 kernels).

From your previous email when you were trying to do NAT:

>> ># director :
>> >------------
>> >
>> >echo 0 >/proc/sys/net/ipv4/ip_forward

The NAT method will not work if the director cannot forward packets.
The NAT method requires that the director *BE* the gateway, therefore it
must route both inbound and outbound packets for the realservers.

Good luck dude!  It sounds like you're close.  Fix the arp problem, and
the system will start working.
-- 
Regards...              Todd
  We should not be building surveillance technology into standards.
  Law enforcement was not supposed to be easy.  Where it is easy, 
  it's called a police state.             -- Jeff Schiller on NANOG
Linux kernel 2.6.3-15mdkenterprise   2 users,  load average: 0.02, 0.06, 0.06
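
Added example (not part of the message above and not LVS project code): a shell check for a realserver that applies the two conditions from the reply, the kernel floor (2.4.26 or 2.6.4) and the arp_ignore/arp_announce values in the quoted sysctl.conf. The function names, the --audit flag and the optional sysctl-root argument are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original message. Function names, the --audit
# flag and the sysctl-root argument are assumptions of this example.

# Succeeds if the kernel version meets the floor given in the message:
# 2.4.26 or higher within 2.4.x, 2.6.4 or higher otherwise.
kernel_supports_arp_sysctls() {
    ver=${1%%-*}                          # drop a suffix such as -15mdkenterprise
    major=${ver%%.*}; rest=${ver#*.}; minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%[!0-9]*} ;;
        *)   patch= ;;
    esac
    : "${patch:=0}"
    [ "$major" -gt 2 ] 2>/dev/null && return 0
    [ "$major" -eq 2 ] 2>/dev/null || return 1
    case $minor in
        4) [ "$patch" -ge 26 ] ;;
        6) [ "$patch" -ge 4 ] ;;
        *) return 1 ;;
    esac
}

# Compares lo and all with the values in the quoted sysctl.conf
# (arp_ignore = 1, arp_announce = 2). Prints each mismatch; non-zero on any.
check_arp_sysctls() {
    root=${1:-/proc/sys}; bad=0
    for iface in lo all; do
        for pair in arp_ignore=1 arp_announce=2; do
            key=${pair%%=*}; want=${pair#*=}
            got=$(cat "$root/net/ipv4/conf/$iface/$key" 2>/dev/null) || got=missing
            if [ "$got" != "$want" ]; then
                echo "net.ipv4.conf.$iface.$key = $got (expected $want)"
                bad=1
            fi
        done
    done
    return "$bad"
}

# Run against the live system only when asked to: sh thisfile --audit
if [ "${1:-}" = "--audit" ]; then
    kernel_supports_arp_sysctls "$(uname -r)" ||
        echo "kernel $(uname -r) is below 2.4.26 / 2.6.4"
    check_arp_sysctls && echo "ARP sysctls match the quoted sysctl.conf"
fi
```

A "missing" result means the sysctl file does not exist under the given root, which is what a kernel without these settings would show.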