RE: LVS Tunneling

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	RE: LVS Tunneling
From:	"Upblogger.com" <contact@xxxxxxxxxxxxx>
Date:	Thu, 17 May 2007 16:41:15 +0200


On Fri, 18 May 2007, Upblogger.com wrote:

>> Hello Joe,
>>
>> I configured the servers following the mini-HOWTO.
>>
>> Linux Director:
>>
>> IP: 91.121.30.157
>> VIP: 87.98.225.39
>>

>> IPVS Configuration:
>>
>> IP Virtual Server version 1.2.1 (size=4096)
>> Prot LocalAddress:Port Scheduler Flags
>>  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
>> TCP  87-98-225-39.ovh.net:http wlc
>>  -> ks35593.kimsufi.com:http     Route   1      0          0
>>  -> ns24396.ovh.net:http         Route   1      0          0
>>
>> netstat -rn output:
>>
>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
>> 87.98.225.39    0.0.0.0         255.255.255.255 UH        0 0          0
eth0
>> 91.121.30.0     0.0.0.0         255.255.255.0   U         0 0          0
eth0
>> 169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0
eth0
>> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
lo
>> 0.0.0.0         91.121.30.254   0.0.0.0         UG        0 0          0
eth0
>>
>> When connecting to http://87.98.225.39 and running tcpdump -i any port
>> 80 -p -n -t I see it is receiving connections.

>I assume this tcpdump is running on the director.

>> IP 87.223.248.211.3243 > 87.98.225.39.80: S 519437827:519437827(0) win
65535
>> <mss 1460,nop,nop,sackOK>

> I assume 87.223.248.211 is your client.

Yes.

>> ipvsadm detects that connection too:
>>
>> IP Virtual Server version 1.2.1 (size=4096)
>> Prot LocalAddress:Port Scheduler Flags
>>  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
>> TCP  87-98-225-39.ovh.net:http wlc
>>  -> ks35593.kimsufi.com:http     Route   1      0          1
                                                              ^

>InActConn entry==1 likely indicates no route from realserver
>to client. Is the realserver's default gw NOT on the
>director and IS a route to the client?


Yes, and route is 0.0.0.0 to default GW.


>> Kernel IP routing table
>> Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
>> 87.98.225.39    0.0.0.0         255.255.255.255 UH        0 0          0
lo
>> 213.186.39.0    0.0.0.0         255.255.255.0   U         0 0          0
eth0
>> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
lo
>> 0.0.0.0         213.186.39.254  0.0.0.0         UG        0 0          0
eth0

> does 213.186.39.254 have a route to the client?

213.186.39.254 is a router connected to internet.

>can you ping the client from the realserver(s), can you ping
>the VIP from the client, can you ping the RIP from the
>director?

Yes, I can ping between them. Ping has always worked fine.

>> tcpdump -i any port 80 -p -n -t returns nothing
>> Connecting from a client I get:
>>
>> telnet 87.98.225.39 80
>> Trying 87.98.225.39...
>> telnet: Unable to connect to remote host: No route to host

>hmm. I would have expected a timeout with the above
>symptoms.

>Joe

<Prev in Thread]	Current Thread	[Next in Thread>
LVS Tunneling, Upblogger.com Re: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com RE: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com RE: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com RE: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com <= RE: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com RE: LVS Tunneling, Joseph Mack NA3T RE: LVS Tunneling, Upblogger.com RE: LVS Tunneling, Joseph Mack NA3T

Previous by Date:	Re: one ldirector LVS-DR, Osvaldo Alvarez Pozo
Next by Date:	RE: LVS Tunneling, Joseph Mack NA3T
Previous by Thread:	RE: LVS Tunneling, Joseph Mack NA3T
Next by Thread:	RE: LVS Tunneling, Joseph Mack NA3T
Indexes:	[Date] [Thread] [Top] [All Lists]