Re: [lvs-users] question about LVS

To:	ryan@xxxxxxxxxxx, "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] question about LVS
From:	Michiel van Es <mve@xxxxxxxxxxxxxxxxx>
Date:	Mon, 03 May 2010 17:22:06 +0200

<snip>
>>>>
>>>>>
>>>>> -------- Original Message --------
>>>>> Subject: Re: [lvs-users] question about LVS
>>>>> From: Michael Schwartzkopff<misch@xxxxxxxxxxx>
>>>>> To: LinuxVirtualServer.org users mailing list.
>>>>> <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>>>>> Date: 05/03/2010 02:34 PM
>>>>>
>>>>>
>>>>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es:
>>>>>>
>>>>>>> So to get it right:
>>>>>>>
>>>>>>> On the director:
>>>>>>>      >>>>     net.ipv4.ip_forward = 1
>>>>>>>
>>>>>>> On the real servers:
>>>>>>>      >>>>     net.ipv4.conf.all.arp_ignore = 1
>>>>>>>      >>>>     net.ipv4.conf.eth0.arp_ignore = 1
>>>>>>>      >>>>     net.ipv4.conf.all.arp_announce = 2
>>>>>>>      >>>>     net.ipv4.conf.eth0.arp_announce = 2
>>>>>>>
>>>>>>> No forwarding on the real servers right?
>>>>>>>
>>>>>> Correct
>>>>>>
>>>>> Thanks.
>>>>>
>>>>> I still got the same results:
>>>>>
>>>>> I only connect to server2 and never to server1, also 1 of the 2
>>>>> times I
>>>>> get a 'No route to host':
>>>>>
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> Connected to 194.145.200.87.
>>>>> Escape character is '^]'.
>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>>>>> quit
>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>>> Connection closed by foreign host.
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> telnet: Unable to connect to remote host: No route to host
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> Connected to 194.145.200.87.
>>>>> Escape character is '^]'.
>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>>>>> quit
>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>>>>> Connection closed by foreign host.
>>>>> michiel@wmichiele:~$ telnet 194.145.200.87 25
>>>>> Trying 194.145.200.87...
>>>>> telnet: Unable to connect to remote host: No route to host
>>>>>
>>>>>
> <snip>
>>>
>>> Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25?
>>> Sounds as though the host at .171 is either a) not listening on port 25
>>> or b) firewall rules (iptables) are preventing the connection from being
>>> established. From experience, both will cause 'no route to host' errors.
>>
>> Both are working and listening and available from the LVS-DR:
>>
>> root@vps704:~/scripts# telnet server1.pcintelligence.nl 25
>> Trying 194.145.200.17...
>> Connected to server1.pcintelligence.nl.
>> Escape character is '^]'.
>> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP
>> quit
>> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl
>> Connection closed by foreign host.
>> root@vps704:~/scripts# telnet server2.pcintelligence.nl 25
>> Trying 194.145.200.171...
>> Connected to server2.pcintelligence.nl.
>> Escape character is '^]'.
>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP
>> quit
>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl
>> Connection closed by foreign host.
>>
>> Kind regards,
>>
>> Michiel
>>
>>>
>
> What is the output of the 'ipvsadm' command on the director? Please
> reply with the output pasted here or on the web (e.g. pastebin).
>

I also found out that it is the real server server1 which gives the problem.
When I do an iptables -F on the server1 real server, a telnet to tje 
load balancer takes a very long time and then dies:
michiel@wmichiele:~$ telnet 194.145.200.87 25
Trying 194.145.200.87...
telnet: Unable to connect to remote host: Connection timed out


When I start the IPtables service:
I get an:
michiel@wmichiele:~$ telnet 194.145.200.87 25
Trying 194.145.200.87...
telnet: Unable to connect to remote host: No route to host


But I don't understand it, the LVS DR is capable of connecting to the 
smtp port.
Perhaps some routing or conntrack issues?
Where should I look on server1 or the LVS-dr ?

Kind regards,

Michiel



_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [lvs-users] question about LVS, (continued) Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michael Schwartzkopff Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michael Schwartzkopff Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Ryan Manikowski Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Ryan Manikowski Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Michiel van Es <= Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Graeme Fowler Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, L.S. Keijser Re: [lvs-users] question about LVS, Michiel van Es Re: [lvs-users] question about LVS, Graeme Fowler Re: [lvs-users] question about LVS, Michiel van Es

Previous by Date:	Re: [lvs-users] question about LVS, Michiel van Es
Next by Date:	Re: [lvs-users] vip-to-vip connection between two sets of realservers with one director?, James H
Previous by Thread:	Re: [lvs-users] question about LVS, Michiel van Es
Next by Thread:	Re: [lvs-users] question about LVS, Michiel van Es
Indexes:	[Date] [Thread] [Top] [All Lists]