|
2007/5/21, Adam Smutnicki <netglider@xxxxxxxxx>:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 21 May 2007, Adam Smutnicki wrote:
> Hello
> I'm trying to force my LVS network to work proprly, but I cannot. So
I'll be
> very glad for any help.
>
> First some details about my network
>
> Connection schema:
> Client1 -- LAN -- Director -- Internet -- Real Server -- Client2
client2 is just a client of the realserver, it's not a client of the the
LVS, right?
Yes
Of course my firewall is down on Real Server,
good
> and mysql is listening on 0.0.0.0 address
for security, in production, make sure it's only listening on the VIP.
Yes, I konw, it is listening on 0.0.0.0 because on debuging, RS had
previously other functions and now is during reconfiguration.
1) When i do
> $mysql -u user -p -h VIP
> on Client2 i can connect to mysql on VIP, but i dont see any packets
camming
> on tunl0 on RS
tunl0 isn't a real device. It exists only in the kernel. I don't know if
you can tcpdump on tunl0 (you used to not be able to).
but i can see packets using tcpdump -i tunl0
2) when i do
> $mysql -u user -p -h VIP
> on Client1
> i see (on RS) that packets are tunneled to RS - I see packets with 2 IP
> headers, then i can see packet without tuneling ip header, so with
> ip.src=Client2
you mean client1?
Yes, my mistake
and ip.dst=VIP, but packets are appearing on tunl0, but
> connecting isn't estabilished, no ACK packets are sent.
that's a good start.
Have you looked through the list of common problems at the
end of the mini-HOWTO?
Do You mean : http://www.ssi.bg/~ja/TUN-HOWTO.txt?
Only thing that I cannot check was problem with tunl0/rp_filter. I coulnd't
find any config mentioned in this question
Do you understand the single writer/ many reader nature of LVS as far as
it relates to databases in an LVS. Have you read the section in the
HOWTO about building an LVS database?
Yes I understand, this database will be read-only, so ther's no problem with
synchronisation data.
Have you set up an LVS-DR according to the mini-HOWTO? When you've got
that working, change it to LVS-Tun. Then change telnet to mysql.
According to http://www.linuxvirtualserver.org/VS-DRouting.html I cannot
build Load Balancing using LVS/DR through WAN, it is dedicated for LAN,
that's why I've choosen LVS/TUN
Joe
- --
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGUcDsjoMM0LQagGkRAixvAKCi66eq4lY7aVIiaIiCdPJbxGHw7wCdEyV1
tGcJ3S/Sd+xL1GUktidOhP0=
=/oKj
-----END PGP SIGNATURE-----
I forgot to mention tat I'm using debian on all nodes.
I have no idea why the RS ansvers on connections from Client2 and not from
client1.
Do You have any idea?
Best
Adam
| 