LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

RE: SNAT / Masquerading problems using LVS-NAT

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: SNAT / Masquerading problems using LVS-NAT
From: Graeme Fowler <graeme@xxxxxxxxxxx>
Date: Wed, 18 Apr 2007 13:46:16 +0100
On Wed, 2007-04-18 at 07:01 -0500, Rudd, Michael wrote:
> My setup is 2 bonds: 1 with 2 vlans, 1 with 1 vlan
> Bond0.200 (public)
> Bond0.202 (private)
> Bond1.201 (public and vlan DNS traffic is used on)
> 
> So I send my DNS query to my VIP on my directors. It gets routed to a
> realserver which I've attached the vip to bond1.201:0. According to
> others I've talked to I shouldn't need an iptables rule but I still
> don't see the packet out with the source ip address of the VIP. I see
> the packet with the source IP of the actual realserver. Its possible it
> is a routing issue though so I plan on digging deeper on that today. 
> 
> Should I need an iptables rule at all for LVS-DR? 

Nope.

Dumb question: you haven't configured BIND to send responses from the
RIP. have you (by allowing it to bind to interfaces as it sees fit)?
Also, have you solved the ARP problem for LVS-DR? You don't want your
realservers ARPing the VIP, especially as you have it bound to a "real"
interface rather than loopback.

I have a sneaking feeling here that the application itself is the
problem, not LVS.

Graeme


<Prev in Thread] Current Thread [Next in Thread>