LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] Configuring LVS-Tun on Ubuntu

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] Configuring LVS-Tun on Ubuntu
From: Dushyant Arora <dushyantarora13@xxxxxxxxx>
Date: Mon, 4 Feb 2013 21:01:32 -0500
Hello Everyone,

I have so far been able to configure LVS-DR and LVS-NAT and trying to
complete the trilogy. Here is the setup I am using:
2 realservers, 1 director and 1 client

*Director interfaces and other info*:
$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:07:96:cf
          inet addr:192.168.25.135  Bcast:192.168.25.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe07:96cf/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3571 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2861 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1776401 (1.7 MB)  TX bytes:292263 (292.2 KB)
          Interrupt:19 Base address:0x2000

eth0:110  Link encap:Ethernet  HWaddr 00:0c:29:07:96:cf
          inet addr:192.168.25.110  Bcast:192.168.25.110
 Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:19 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)


$ sudo /sbin/ipvsadm -l -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.25.110:8080 rr
  -> 192.168.25.131:8080          Tunnel  1      0          1
  -> 192.168.25.140:8080          Tunnel  1      0          0

$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
0.0.0.0         192.168.25.2    0.0.0.0         UG    0      0        0 eth0
192.168.25.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
192.168.25.110  0.0.0.0         255.255.255.255 UH    0      0        0 eth0


*One of the servers*

$ ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0c:29:ae:54:3c
          inet addr:192.168.25.140  Bcast:192.168.25.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feae:543c/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2892 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1892 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1628504 (1.6 MB)  TX bytes:184065 (184.0 KB)
          Interrupt:19 Base address:0x2024

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

tunl0     Link encap:IPIP Tunnel  HWaddr
          inet addr:192.168.25.110  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:36 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2160 (2.1 KB)  TX bytes:0 (0.0 B)


$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
0.0.0.0         192.168.25.2    0.0.0.0         UG    0      0        0 eth0
192.168.25.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
192.168.25.110  0.0.0.0         255.255.255.255 UH    0      0        0
tunl0

I use arptables to solve the ARP problem. I have confirmed using wireshark
traces that only the director sends ARP replies for the VIP. I start
servers on the client using the following command:
$while true ; do nc -l 8080  < index.html ; done

>From the client I execute:
$ lynx -dump http://192.168.25.140:8080/
   This is fake WWW server 1

$ lynx -dump http://192.168.25.131:8080/
   This is fake WWW server 2

$ lynx -dump http://192.168.25.110:8080/

Looking up 192.168.25.110:8080
Making HTTP connection to 192.168.25.110:8080
Alert!: Unable to connect to remote host.

lynx: Can't access startfile http://192.168.25.110:8080/

So, I ran a wireshark trace on tunl0 on one of the realservers. I see a
bunch of TCP SYNs with scr IP 192.168.25.128 and dst IP 192.168.25.110 but
the server never sends back a SYN ACK. I have been trying to search online
to find a solution for this but no luck so far. Can someone please tell me
what I might be missing?

Thanks,

Dushyant
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>