LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] LVS-NAT and full nat (realserver as client)

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] LVS-NAT and full nat (realserver as client)
From: Kristoffer Egefelt <kristoffer@xxxxxxx>
Date: Thu, 18 Oct 2012 13:54:57 +0200
Hi,

I'm testing full nat on kernel 3.1.0, trying to have realservers in LVS-NAT 
communicate with VIPs - see: 
http://archive.linuxvirtualserver.org/html/lvs-devel/2010-05/msg00000.html - 
but clients hang...

Client: 10.10.10.201
Realserver: 10.10.10.11
Default gateway/LVS is 10.10.10.1
VIP: 192.168.100.30
eth1 is on the realserver network

so

% ipvsadm -A -t 192.168.100.30:80 -s rr
% ipvsadm -a -t 192.168.100.30:80 -r 10.10.10.11:80 -m

and then

% iptables -t nat -A POSTROUTING -o eth1 -m ipvs --vaddr 192.168.100.30/32 
--vport 80 -j SNAT --to-source 10.10.10.1

but from the realserver or the client

telnet 192.168.100.30 hangs

tcpdump on the realserver shows 

13:33:39.533160 IP 10.10.10.201.54737 > 10.10.10.11.80: Flags [S], seq 
1629270067, win 14600, options [mss 1460,sackOK,TS val 34103738 ecr 
0,nop,wscale 7], length 0
13:33:39.533198 IP 10.10.10.11.80 >10.10.10.201.54737: Flags [S.], seq 
222278326, ack 1629270068, win 14480, options [mss 1460,sackOK,TS val 284062123 
ecr 34103738,nop,wscale 7], length 0
13:33:39.533627 IP 10.10.10.201.54737 > 10.10.10.11.80: Flags [R], seq 
1629270068, win 0, length 0
13:33:42.779366 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [S], seq 
870222793, win 14600, options [mss 1460,sackOK,TS val 1268747903 ecr 
0,nop,wscale 7], length 0
13:33:42.779405 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [S.], seq 
503429492, ack 870222794, win 14480, options [mss 1460,sackOK,TS val 284062934 
ecr 1268747903,nop,wscale 7], length 0
13:33:42.779757 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [.], ack 1, win 
115, options [nop,nop,TS val 1268747903 ecr 284062934], length 0
13:33:42.780442 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [P.], seq 1:117, 
ack 1, win 115, options [nop,nop,TS val 1268747903 ecr 284062934], length 116
13:33:42.780476 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [.], ack 117, win 
114, options [nop,nop,TS val 284062935 ecr 1268747903], length 0
13:33:42.781389 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [P.], seq 1:453, 
ack 117, win 114, options [nop,nop,TS val 284062935 ecr 1268747903], length 452
13:33:42.781657 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [.], ack 453, win 
123, options [nop,nop,TS val 1268747903 ecr 284062935], length 0
13:33:42.782208 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [F.], seq 453, ack 
117, win 114, options [nop,nop,TS val 284062935 ecr 1268747903], length 0
13:33:42.783794 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [F.], seq 117, ack 
454, win 123, options [nop,nop,TS val 1268747904 ecr 284062935], length 0
13:33:42.783810 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [.], ack 118, win 
114, options [nop,nop,TS val 284062935 ecr 1268747904], length 0

Anybody have an idea what could be up with this?

Thanks

Regards
Kristoffer


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>