Hi,
I have a strange problem and I can't seem to find clear information on
how to do this.
I have 2 load balancers set up with keepalived in NAT mode, with 2 interfaces each:
internal vip - 192.168.0.199
external vip - 195.x.x.21
lb1 -master
bond0 - private - 192.168.0.239
eth5 - public - 195.x.x.41
lb1 -slave
bond0 - private - 192.168.0.238
eth5 - public - 195.x.x.42
Results of watch -n 0.5 ipvsadm -ln:
Every 0.5s: ipvsadm -ln                          Tue Jun 7 14:15:25 2011
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.198:3306 wrr
  -> 192.168.0.239:4041           Local   1      0          0
TCP  192.168.0.199:80 rr
  -> 192.168.0.235:80             Masq    1      0          0
  -> 192.168.0.236:80             Masq    1      0          0
  -> 192.168.0.237:80             Masq    1      0          0
TCP  192.168.0.199:443 rr
  -> 192.168.0.235:443            Masq    1      0          0
  -> 192.168.0.236:443            Masq    1      0          0
  -> 192.168.0.237:443            Masq    1      0          0
I can't seem to NAT incoming connections from the external IP to the internal IP.
I have managed to allow outgoing from the cluster to public using
iptables -t nat -A POSTROUTING -o eth5 -j MASQUERADE
or
iptables -t nat -A POSTROUTING ! -d 192.168.0.1/24 -j SNAT --to 195.x.x.21
I have tried this:
iptables -t nat -A PREROUTING --dst 195.x.x.21 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.235
which works but directs traffic to 1 server in the cluster, but if I
try the internal VIP I get nothing:
iptables -t nat -A PREROUTING --dst 195.x.x.21 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.199
When I test with wget from any LAN PC I get the following error in syslog:
Jun 7 14:11:30 lb1 kernel: [ 6845.854613] ip_rt_bug: 217.35.126.204 -> 192.168.0.199, eth5
Can anyone help?