Keepalived + VLAN + iprules

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Keepalived + VLAN + iprules
From: flafolie@xxxxxx
Date: Thu, 26 Apr 2007 12:59:06 +0200

I was writting this mail to explain my problem and i found it in the same time. I send it, maybe it will helps someone. In fact the iprules have to have as ip source address the VIP and not the realserver adress :

ip rule add from table ftp_table
ip rule add from table http_table

No problem anymore, resolved problem explained below

I have installed and configured keepalived (v1.1.13).

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP wlc persistent 600
  ->           Masq    100    0          0
TCP wlc persistent 600
  ->            Masq    100    0          0

I'm trying to manage different services on different VLANs on my loadbalancer.
eth0.26 : vlan for ftp
eth0.28 : vlan for http

The problem is I can configure only one default route on my loadbalancer. For example, if my default route is, request and reply for http (vlan both going in the good vlan. But for ftp, request will be on the good vlan ( but reply on vlan (my firewall authorizes that for tests) and not

I have tried to define some iprules on my loadbalancer to say if the source ip address is, so forward packets to network but it seems doesn't work. LVS apparently don't let the routing decisions to the operating system after its own operations...

Here are my iprules :
ip rule add from table ftp_table
ip rule add from table http_table

ip route add default via dev eth0.26 table ftp_table
ip route add default via dev eth0.28 table http_table
ip route flush cache

I also tried that but no more effect :
ip route add default scope global nexthop via dev eth0.26 weight 1 nexthop via dev eth0.28 weight 1


(and sorry for my english)

This message was sent using IMP, the Internet Messaging Program.

<Prev in Thread] Current Thread [Next in Thread>