LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] FTP in active mode?

from [Nicolas Haller] [Permanent Link]
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [lvs-users] FTP in active mode?
From: Nicolas Haller <nicolas.haller@xxxxxxxxxxxxx>
Date: Thu, 17 Sep 2009 12:04:09 +0200 
On Thu, Sep 17, 2009 at 10:38:14AM +0100, Malcolm Turnbull wrote:
> Nicolas,

> Try and get a simple service like telnet or HTTP working in the local
> subnet with DR mode first, then FWM and DR mode, then FWM with TUN
> i.e. progress from simple to complicated.
> Then swap to FTP.

> I can't see any reason why it wouldn't work, apart from the TUN bit
> which I don't have much experience of.

Hi,

I redo some test this morning and I have more informations.

This is my configuration:
Iptables:
Chain PREROUTING (policy ACCEPT 297K packets, 47M bytes)
 pkts bytes target     prot opt in     out     source               destination 
        
    6   384 MARK       tcp  --  any    any     anywhere             
lo-pp.nerim.net     tcp dpt:ftp MARK xset 0x1/0xffffffff 
    0     0 MARK       tcp  --  any    any     anywhere             
lo-pp.nerim.net     tcp dpt:ftp-data MARK xset 0x1/0xffffffff 
    0     0 MARK       tcp  --  any    any     anywhere             
lo-pp.nerim.net     tcp dpts:1024:65535 MARK xset 0x1/0xffffffff 

Ipvsadm:
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  lo-pp.nerim.net:ftp wlc persistent 120
  -> harrisburg.nerim.net:ftp     Tunnel  1      0          0         
  -> sellafield.nerim.net:ftp     Tunnel  1      0          0         
TCP  lo-pp.nerim.net:www wlc persistent 120
  -> harrisburg.nerim.net:www     Tunnel  1      0          0         
  -> sellafield.nerim.net:www     Tunnel  1      0          0         
FWM  1 wlc persistent 120
  -> harrisburg.nerim.net:0       Tunnel  1      0          0         
  -> sellafield.nerim.net:0       Tunnel  1      0          0         

And this is some debug trace:

Sep 17 11:45:24 balancoire-1j kernel: [63473.631331] IN=eth0 OUT= 
MAC=00:30:48:5a:4e:4e:00:1f:9d:9f:89:42:08:00 SRC=62.4.16.150 
DST=194.79.128.128 LEN=64 TOS
=0x00 PREC=0x00 TTL=63 ID=25788 DF PROTO=TCP SPT=61341 DPT=21 WINDOW=65535 
RES=0x00 SYN URGP=0 MARK=0x1 
Sep 17 11:45:24 balancoire-1j kernel: [63473.631564] IPVS: lookup/in TCP 
62.4.16.150:61341->194.79.128.128:21 not hit
Sep 17 11:45:24 balancoire-1j kernel: [63473.631568] IPVS: lookup/out TCP 
62.4.16.150:61341->194.79.128.128:21 not hit
Sep 17 11:45:24 balancoire-1j kernel: [63473.631572] IPVS: lookup service: fwm 
1 TCP 194.79.128.128:21 hit
Sep 17 11:45:24 balancoire-1j kernel: [63473.631576] IPVS: p-schedule: src 
62.4.16.150:61341 dest 194.79.128.128:21 mnet 62.4.16.150
Sep 17 11:45:24 balancoire-1j kernel: [63473.631580] IPVS: template lookup/in 
IP 62.4.16.150:0->0.0.0.1:0 not hit

As you can see, the director receive a FTP packet, IPVS match the FWM service
and then... nothing. I don't know why after detect the packet, IPVS don't
transmit the packet.


-- 
Nicolas Haller

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [lvs-users] FTP in active mode?, Malcolm Turnbull
Next by Date:  Re: [lvs-users] Apparent MTU problem using LVS-DR and Windows 2003 RealServers, Christopher Smith
Previous by Thread:  Re: [lvs-users] FTP in active mode?, Malcolm Turnbull
Next by Thread:  Re: [lvs-users] FTP in active mode?, Hannes Eder
Indexes:  [Date] [Thread] [Top] [All Lists]