Re: [lvs-users] LVS-DR stuck in SYN packets?

[Tiago <sytker@xxxxxxxxx>]

Hi Malcom,

Answering:
>Is the apache server responding to BOTH the RIP & the VIP? (RIP for
>health checks, VIP for load balanced traffic)

root@web1:/var/log/apache2# netstat -ntlpd | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
     10159/apache2


>And how have you solved the ARP problem for the loopback adapter?

As we have completely separate vlans, the traffic which comes to VIP
doesn't reach RIP network segment. So, per some instructions I didn't take
any measure on it, I hope that approach is correct.

Basically I have:
LVS server:

eth1 (vlan 2054) with public IPs
eth0 (vlan 1296) with private IPs

So I have VIP on top of eth1.
And I have an 10.56.213.6 on top of eth0.

Real servers:
eth1 (vlan 2054) with public IPs
eth0 (vlan 1296) with private IPs

So I have VIP on lo:0
And I have 10.56.213.20 on top of eth0 on realserver 1 and I have
10.56.213.21 on top of eth0 on realserver 2.

Thanks




2014-03-24 17:40 GMT-03:00 Malcolm Turnbull <malcolm@xxxxxxxxxxxxxxxx>:

> Tiago,
>
> Is the apache server responding to BOTH the RIP & the VIP? (RIP for
> health checks, VIP for load balanced traffic)
> And how have you solved the ARP problem for the loopback adapter?
>
>
>
> On 24 March 2014 20:00, Tiago <sytker@xxxxxxxxx> wrote:
> > Hello all,
> >
> > I'm trying to setup an LVS-DR here for a couple of webservers. My
> scenario
> > is:
> >
> > Eth1 and eth0 are in separated vlans.
> >
> >    1. My realservers ips: 10.56.213.31-10.56.213.32 at eth0
> >    2.
> >    3. myrealip** at eth1 (its a public IP)
> >    4.
> >    5.
> >    6. root@lvs1:~# ipvsadm
> >    7. IP Virtual Server version 1.2.1 (size=4096)
> >    8. Prot LocalAddress:Port Scheduler Flags
> >    9.   -> RemoteAddress:Port           Forward Weight ActiveConn
> InActConn
> >    10. TCP  myrealip**:http wlc
> >    11.   -> 10.56.213.31:http            Route   1      0          0
> >    12.   -> 10.56.213.32:http            Route   1      0          0
> >    13.
> >    14. On realservers:
> >    15. lo:0      Link encap:Local Loopback
> >    16.           inet addr:myrealip**  Mask:255.255.255.255
> >    17.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >    18.
> >    19. route -n:
> >    20. myrealip**  0.0.0.0         255.255.255.255 UH    0      0
>  0
> >    lo
> >    21.
> >    22.
> >    23. When someone try to access myrealip**:80 I have:
> >    24.   -> 10.56.213.31:http            Route   1      0          1
> >    25.   -> 10.56.213.32:http            Route   1      0          0
> >    26.
> >    27. And on realserver 10.56.213.31:
> >    28.
> >    29. root@web1:/var/log/apache2# tcpdump -ni eth0 host 216.5.78.123
> (my
> >    source ip)
> >    30. tcpdump: WARNING: eth0: no IPv4 address assigned
> >    31. tcpdump: verbose output suppressed, use -v or -vv for full
> protocol
> >    decode
> >    32. listening on eth0, link-type EN10MB (Ethernet), capture size 65535
> >    bytes
> >    33. 13:40:35.267880 IP 216.5.78.123.37026 > myrealip**.80: Flags [S],
> >    seq 2186878409, win 14600, options [mss 1460,sackOK,TS val 164050646
> ecr
> >    0,nop,wscale 7], length 0
> >    34. 13:40:36.270371 IP 216.5.78.123.37026 > myrealip**.80: Flags [S],
> >    seq 2186878409, win 14600, options [mss 1460,sackOK,TS val 164051646
> ecr
> >    0,nop,wscale 7], length 0
> >    35. 13:40:38.276806 IP 216.5.78.123.37026 > myrealip**.80: Flags [S],
> >    seq 2186878409, win 14600, options [mss 1460,sackOK,TS val 164053646
> ecr
> >    0,nop,wscale 7], length 0
> >    36. 13:40:42.294667 IP 216.5.78.123.37026 > myrealip**.80: Flags [S],
> >    seq 2186878409, win 14600, options [mss 1460,sackOK,TS val 164057646
> ecr
> >    0,nop,wscale 7], length 0
> >    37. 13:40:50.328756 IP 216.5.78.123.37026 > myrealip**.80: Flags [S],
> >    seq 2186878409, win 14600, options [mss 1460,sackOK,TS val 164065646
> ecr
> >    0,nop,wscale 7], length 0
> >    38.
> >    39. But I can't see the answer going back to me in any interface I
> have
> >    at these realservers. I don't get any HTTP HIT at apache either.
> >
> > Obviously it seems I'm missing something here, however, I can't see
> clearly
> > what is it.
> >
> > Can you help on this?
> >
> > Thanks in advance!
> > _______________________________________________
> > Please read the documentation before posting - it's available at:
> > http://www.linuxvirtualserver.org/
> >
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
>
>
> --
> Regards,
>
> Malcolm Turnbull.
>
> Loadbalancer.org Ltd.
> Phone: +44 (0)870 443 8779
> http://www.loadbalancer.org/
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users