LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] FTP data port connection not closing?

To: Julian Anastasov <ja@xxxxxx>
Subject: Re: [lvs-users] FTP data port connection not closing?
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Owain Jones <Owain@xxxxxxxxxxxxxxxxxx>
Date: Tue, 29 Aug 2017 14:47:37 +0100
Okay, now we're getting somewhere interesting.

Looking at the pure-ftpd verbose log, it shows a connection from 
192.168.0.1 (the router). Then 192.168.0.1 logs in - so it's 
user@192.168.0.1 - and it issues a few commands - "opts", "pbsz", 
"prot", "pwd" - then it says:

(?@192.168.0.100) New connection from 192.168.0.100
(?@192.168.0.100) Logout

And it has this a few times in a row.

The thing is, 192.168.0.100 is the DIP. 192.168.0.99 is the VIP. 
192.168.0.1 is the router IP (which is NAT'ing for the client, so 
effectively the CIP).

What seems to be happening is that it's correctly connecting to the FTP 
server initially, but then it's wrongly connecting as the director with 
the DIP half-way through.

This is probably, based on when it's happening, when the client is 
making a connection to the passive port range. But, the thing is, for 
that even be reaching the FTP server, the firewall marks must be 
working, as that's what LVS is using to redirect to the FTP server.

But it hasn't got the correct IP address.

Why's this happening? And how would I fix it?

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>