LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

LVS-NAT setup problem

from [Ben Wilder] [Permanent Link]
To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: LVS-NAT setup problem
From: "Ben Wilder" <ben.wilder@xxxxxxxxxxx>
Date: Mon, 16 Oct 2006 09:23:40 +0100 
Hi all 

I'm having a problem setting up an LVS-NAT load balancing scenario and am
wondering if someone can point out where i'm going wrong!

OS is Fedora core 5 - kernel 2.6.15-1.2054_FC5
Ipvsadm version: 1.2.1

Network looks like the following (I am testing with one real server at the
moment)

[CIP]10.10.10.100 --> [eth0:1 VIP]10.10.10.5 (Director)[eth0 DIP]
192.168.0.1 --> [eth0 RIP]192.168.0.100

I have set things up in the following way (all machines are located on the
same switch at the moment)

Director:
1 NIC
Eth0 192.168.0.1
Eth0:1 10.10.10.5

Change net.ipv4.ip_forward = 1 in etc/sysctl.conf
Run: service iptables start
Run: iptables -Z
Run: iptables -F
Run: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Run: ipvsadm -A -t 10.10.10.5:80 -s wlc
Run: ipvsadm -a -t 10.10.10.5:80 -r 192.168.0.100:80 -m

Real server:
1 NIC
Eth0 192.168.0.100
Run: route add default gw 192.168.0.1 dev eth0



Behaviour:

When i attempt to retrieve a web page from the virtual IP, I receive no
response, ipvsadm shows one inactive connection and the following can be
seen in tcpdump:

RIP can ping DIP, VIP and CIP

Tcpdump on director with command: tcpdump host 192.168.0.1

09:11:16.859991 IP 192.168.0.1 > 192.168.0.100: ICMP host 10.10.10.100
unreachable - admin prohibited, length 56
09:11:19.834147 IP 192.168.0.1 > 192.168.0.100: ICMP host 10.10.10.100
unreachable - admin prohibited, length 56
09:11:21.858066 arp who-has 192.168.0.1 tell 192.168.0.100
09:11:21.858105 arp reply 192.168.0.1 is-at 00:5b:5b:5b:10:e3 (oui Unknown)

Tcpdump on realserver with command: tcpdump dst port 80

08:16:31.241167 IP 10.10.10.100.btprjctrl > 192.168.0.100.http: S
1944001349:1944001349(0) win 65535 <mss 1460,nop,nop,sackOK>
08:16:34.204901 IP 10.10.10.100.btprjctrl > 192.168.0.100.http: S
1944001349:1944001349(0) win 65535 <mss 1460,nop,nop,sackOK>


Routing table on Realserver:

Destination     Gateway         Genmask         Flags Metric Ref    Use 
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0

Routing table on Director:

Destination     Gateway         Genmask         Flags Metric Ref    Use 
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
10.10.10.0      *               255.255.255.0   U     0      0        0 eth0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0

Any thoughts would be very much appreciated!!

Thanks in advance, 
Ben
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: New system, higher active connections?, Roberto Nibali
Next by Date:  Re: LVS-NAT setup problem, Graeme Fowler
Previous by Thread:  [PATCH] ipvs loopback connection, Ryan Nowakowski
Next by Thread:  Re: LVS-NAT setup problem, Graeme Fowler
Indexes:  [Date] [Thread] [Top] [All Lists]