Re: [lvs-users] question about LVS

To:	ryan@xxxxxxxxxxx
Subject:	Re: [lvs-users] question about LVS
Cc:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From:	Michiel van Es <mve@xxxxxxxxxxxxxxxxx>
Date:	Mon, 03 May 2010 16:45:19 +0200


-------- Original Message --------
Subject: Re: [lvs-users] question about LVS
From: Ryan Manikowski <ryan@xxxxxxxxxxx>
To: Michiel van Es <mve@xxxxxxxxxxxxxxxxx>
Date: 05/03/2010 04:42 PM

> On 5/3/2010 10:25 AM, Michiel van Es wrote:
>>
>>
>> -------- Original Message --------
>> Subject: Re: [lvs-users] question about LVS
>> From: Ryan Manikowski<ryan@xxxxxxxxxxx>
>> To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Date: 05/03/2010 04:19 PM
>>
>>> On 5/3/2010 9:41 AM, Michiel van Es wrote:
>>>> Could it be that server1 isn't working correctly that the LVS DR does
>>>> not route traffic to that server?
>>>>
>>>> It can connect:
>>>>
>>>> root@vps704:~/scripts# telnet server1.pcintelligence.nl 25
>>>> Trying 194.145.200.17...
>>>> Connected to server1.pcintelligence.nl.
>>>> Escape character is '^]'.
>>>> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP
>>>> quit
>>>> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl
>>>> Connection closed by foreign host.
>>>>
>>>>
>>>> But I keep getting forward only to real server2:
>>>>
>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>> Connection closed by foreign host.
>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>> Trying 194.145.200.87...
>>>> telnet: Unable to connect to remote host: No route to host
>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>> Trying 194.145.200.87...
>>>> Connected to 194.145.200.87.
>>>> Escape character is '^]'.
>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>>>> quit
>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>> Connection closed by foreign host.
>>>>
>>>>
>>>> And because it is RR, that is perhaps why I get the first time server2
>>>> and the 2nd time server1 and I get the telnet: Unable to connect to
>>>> remote host: No route to host
>>>>
>>>> What should I check on server1?
>>>> I also tried to change the weight on the LVS DR server from server 1 to
>>>> 2 so it would get more hits but no avail:
>>>>
>>>> I am running this on the LVS server:
>>>>
>>>> #!/bin/bash
>>>> #---------------mini-rc.lvs_dr-director------------------------
>>>> #set ip_forward OFF for lvs-dr director (1 on, 0 off)
>>>> #(there is no forwarding in the conventional sense for LVS-DR)
>>>> cat       /proc/sys/net/ipv4/ip_forward
>>>> echo "0">/proc/sys/net/ipv4/ip_forward
>>>>
>>>> #director is not gw for realservers: leave icmp redirects on
>>>> echo 'setting icmp redirects (1 on, 0 off) '
>>>> echo "1">/proc/sys/net/ipv4/conf/all/send_redirects
>>>> cat       /proc/sys/net/ipv4/conf/all/send_redirects
>>>> echo "1">/proc/sys/net/ipv4/conf/default/send_redirects
>>>> cat       /proc/sys/net/ipv4/conf/default/send_redirects
>>>> echo "1">/proc/sys/net/ipv4/conf/eth0/send_redirects
>>>> cat       /proc/sys/net/ipv4/conf/eth0/send_redirects
>>>>
>>>> #add ethernet device and routing for VIP 194.145.200.87
>>>> /sbin/ifconfig eth0:110 194.145.200.87 broadcast 194.145.200.87 netmask
>>>> 255.255.255.255
>>>> /sbin/route add -host 194.145.200.87 dev eth0:110
>>>> #listing ifconfig info for VIP 194.145.200.87
>>>> /sbin/ifconfig eth0:110
>>>>
>>>> #check VIP 194.145.200.87 is reachable from self (director)
>>>> /bin/ping -c 1 194.145.200.87
>>>> #listing routing info for VIP 194.145.200.87
>>>> /bin/netstat -rn
>>>>
>>>> #setup_ipvsadm_table
>>>> #clear ipvsadm table
>>>> /sbin/ipvsadm -C
>>>> #installing LVS services with ipvsadm
>>>> #add smtp to VIP with round robin scheduling
>>>> /sbin/ipvsadm -A -t 194.145.200.87:smtp -s rr
>>>>
>>>> #forward smtp to realserver using direct routing with weight 1
>>>> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.17 -g -w 2
>>>> #check realserver reachable from director
>>>> ping -c 1 194.145.200.17
>>>>
>>>> #forward smtp to realserver using direct routing with weight 1
>>>> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.171 -g -w 1
>>>> #check realserver reachable from director
>>>> ping -c 1 194.145.200.171
>>>>
>>>> #displaying ipvsadm settings
>>>> /sbin/ipvsadm
>>>>
>>>> #not installing a default gw for LVS_TYPE vs-dr
>>>> #---------------mini-rc.lvs_dr-director------------------------
>>>>
>>>>
>>>> And on the real servers:
>>>>
>>>> #!/bin/bash
>>>> #----------mini-rc.lvs_dr-realserver------------------
>>>> #installing default gw 192.168.1.254 for vs-dr
>>>> #/sbin/route add default gw 192.168.1.254
>>>> #showing routing table
>>>> /bin/netstat -rn
>>>> #checking if DEFAULT_GW 192.168.1.254 is reachable
>>>> #ping -c 1 192.168.1.254
>>>>
>>>> #set_realserver_ip_forwarding to OFF (1 on, 0 off).
>>>> echo "0">/proc/sys/net/ipv4/ip_forward
>>>> cat       /proc/sys/net/ipv4/ip_forward
>>>>
>>>> #looking for DIP 192.168.1.9
>>>> ping -c 1 194.145.200.86
>>>>
>>>> #looking for VIP (will be on director)
>>>> ping -c 1 194.145.200.87
>>>>
>>>> #install_realserver_vip
>>>> /sbin/ifconfig lo:110 194.145.200.87 broadcast 194.145.200.87 netmask
>>>> 0xffffffff up
>>>> #ifconfig output
>>>> /sbin/ifconfig lo:110
>>>> #installing route for VIP 194.145.200.87 on device lo:110
>>>> /sbin/route add -host 194.145.200.87 dev lo:110
>>>> #listing routing info for VIP 194.145.200.87
>>>> /bin/netstat -rn
>>>>
>>>> #hiding interface lo:110, will not arp
>>>> #echo "1">/proc/sys/net/ipv4/conf/all/hidden
>>>> #cat       /proc/sys/net/ipv4/conf/all/hidden
>>>> #echo "1">/proc/sys/net/ipv4/conf/lo/hidden
>>>> #cat       /proc/sys/net/ipv4/conf/lo/hidden
>>>> echo 1>   /proc/sys/net/ipv4/conf/eth0/arp_ignore
>>>> echo 2>   /proc/sys/net/ipv4/conf/eth0/arp_announce
>>>> echo 1>   /proc/sys/net/ipv4/conf/all/arp_ignore
>>>> echo 2>   /proc/sys/net/ipv4/conf/all/arp_announce
>>>>
>>>> #----------mini-rc.lvs_dr-realserver------------------
>>>>
>>>>
>>>> Am I missing something?
>>>> I found it awkward it server1 does not give a banner..I think LVS sees
>>>> the server up (server1) but something goes wrong with the return
>>>> traffic
>>>> so that is perhaps why I sometimes get the 'Unable to connect to remote
>>>> host: No route to host'
>>>>
>>>> How can I troubleshoot and confirm this?
>>>>
>>>> Kind Regards,
>>>>
>>>> Michiel
>>>>
>>>> -------- Original Message --------
>>>> Subject: Re: [lvs-users] question about LVS
>>>> From: Michiel van Es<mve@xxxxxxxxxxxxxxxxx>
>>>> To: LinuxVirtualServer.org users mailing list.
>>>> <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>>>> Date: 05/03/2010 02:39 PM
>>>>
>>>>
>>>>>
>>>>> -------- Original Message --------
>>>>> Subject: Re: [lvs-users] question about LVS
>>>>> From: Michael Schwartzkopff<misch@xxxxxxxxxxx>
>>>>> To: LinuxVirtualServer.org users mailing list.
>>>>> <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>>>>> Date: 05/03/2010 02:34 PM
>>>>>
>>>>>
>>>>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es:
>>>>>>
>>>>>>> So to get it right:
>>>>>>>
>>>>>>> On the director:
>>>>>>>      >>>>     net.ipv4.ip_forward = 1
>>>>>>>
>>>>>>> On the real servers:
>>>>>>>      >>>>     net.ipv4.conf.all.arp_ignore = 1
>>>>>>>      >>>>     net.ipv4.conf.eth0.arp_ignore = 1
>>>>>>>      >>>>     net.ipv4.conf.all.arp_announce = 2
>>>>>>>      >>>>     net.ipv4.conf.eth0.arp_announce = 2
>>>>>>>
>>>>>>> No forwarding on the real servers right?
>>>>>>>
>>>>>> Correct
>>>>>>
>>>>> Thanks.
>>>>>
>>>>> I still got the same results:
>>>>>
>>>>> I only connect to server2 and never to server1, also 1 of the 2
>>>>> times I
>>>>> get a 'No route to host':
>>>>>
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> Connected to 194.145.200.87.
>>>>> Escape character is '^]'.
>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>>>>> quit
>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>>> Connection closed by foreign host.
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> telnet: Unable to connect to remote host: No route to host
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> Connected to 194.145.200.87.
>>>>> Escape character is '^]'.
>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>>>>> quit
>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>>> Connection closed by foreign host.
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> telnet: Unable to connect to remote host: No route to host
>>>>>
>>>>>
> <snip>
>>>
>>> Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25?
>>> Sounds as though the host at .171 is either a) not listening on port 25
>>> or b) firewall rules (iptables) are preventing the connection from being
>>> established. From experience, both will cause 'no route to host' errors.
>>
>> Both are working and listening and available from the LVS-DR:
>>
>> root@vps704:~/scripts# telnet server1.pcintelligence.nl 25
>> Trying 194.145.200.17...
>> Connected to server1.pcintelligence.nl.
>> Escape character is '^]'.
>> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP
>> quit
>> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl
>> Connection closed by foreign host.
>> root@vps704:~/scripts# telnet server2.pcintelligence.nl 25
>> Trying 194.145.200.171...
>> Connected to server2.pcintelligence.nl.
>> Escape character is '^]'.
>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>> quit
>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>> Connection closed by foreign host.
>>
>> Kind regards,
>>
>> Michiel
>>
>>>
>
> What is the output of the 'ipvsadm' command on the director? Please
> reply with the output pasted here or on the web (e.g. pastebin).
>

This the output of the command:

root@vps704:~/scripts# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  ts3-87.twistspace.com:smtp rr
   -> mx2.pcintelligence.nl:smtp   Route   1      0          0
   -> mx1.pcintelligence.nl:smtp   Route   2      0          0


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [lvs-users] question about LVS, (continued) Re: [lvs-users] question about LVS, Michael Schwartzkopff Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michael Schwartzkopff Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michael Schwartzkopff Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Ryan Manikowski Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Ryan Manikowski Re: [lvs-users] question about LVS, Michiel van Es <= Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Graeme Fowler Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Graeme Fowler

Previous by Date:	Re: [lvs-users] question about LVS, Ryan Manikowski
Next by Date:	Re: [lvs-users] question about LVS, Michiel van Es
Previous by Thread:	Re: [lvs-users] question about LVS, Ryan Manikowski
Next by Thread:	Re: [lvs-users] question about LVS, Michiel van Es
Indexes:	[Date] [Thread] [Top] [All Lists]