Hello,
I'm pretty new to the LVS configuration world, but I hear great things. I
am trying to setup a Director on a separate network than the Real Servers
in a proof of concept scenario.
The Director is on a private subnet & the Real Server will be using a
public IP address. I followed the tutorial at
http://www.ultramonkey.org/papers/lvs_tutorial/html/
Anyhow, the whole config & tcp dumps here:
## LVS Machine
root at lvs01:~# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.20.10.6:80 wlc
-> 98.191.200.182:80 Tunnel 1 0 4
root at lvs01:~# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
root at lvs01:~# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:2d:11:6c
inet addr:172.20.10.6 Bcast:172.20.10.15 Mask:255.255.255.240
inet6 addr: 2600:1012:b159:7dc6:a00:27ff:fe2d:116c/64 Scope:Global
inet6 addr: 2600:1012:b159:7dc6:2580:c3e0:7f22:90c8/64
Scope:Global
inet6 addr: fe80::a00:27ff:fe2d:116c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2293 errors:0 dropped:0 overruns:0 frame:0
TX packets:1551 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:478202 (478.2 KB) TX bytes:288698 (288.6 KB)
Interrupt:19 Base address:0xd020
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:142 errors:0 dropped:0 overruns:0 frame:0
TX packets:142 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11929 (11.9 KB) TX bytes:11929 (11.9 KB)
## Remote machine (behind router which is doing port forwarding from
98.191.200.182:80 -> 192.168.1.185:80)
root at raspberrypi:/home/pi# ifconfig
eth0 Link encap:Ethernet HWaddr b8:27:eb:ee:84:69
inet addr:192.168.1.185 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14597 errors:0 dropped:484 overruns:0 frame:0
TX packets:1797 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2921143 (2.7 MiB) TX bytes:301282 (294.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:447 errors:0 dropped:0 overruns:0 frame:0
TX packets:447 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:130401 (127.3 KiB) TX bytes:130401 (127.3 KiB)
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:172.20.10.6 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root at raspberrypi:/home/pi# cat /etc/sysctl.d/20-lvs-destination.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.tunl0.arp_ignore = 1
net.ipv4.conf.tunl0.arp_announce = 2
## TCP dump of LVS Machine when trying to visit 172.20.10.6 via browser
root at lvs01:~# tcpdump -n -i eth0:1 port 80
tcpdump: WARNING: eth0:1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0:1, link-type EN10MB (Ethernet), capture size 65535 bytes
13:05:33.928612 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326362248 ecr 0,sackOK,eol], length 0
13:05:33.928664 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326362248 ecr 0,sackOK,eol], length 0
13:05:34.931978 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326363249 ecr 0,sackOK,eol], length 0
13:05:34.932031 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326363249 ecr 0,sackOK,eol], length 0
13:05:35.935326 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326364249 ecr 0,sackOK,eol], length 0
13:05:35.935376 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326364249 ecr 0,sackOK,eol], length 0
13:05:36.936083 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326365249 ecr 0,sackOK,eol], length 0
13:05:36.936122 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326365249 ecr 0,sackOK,eol], length 0
13:05:37.944178 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326366249 ecr 0,sackOK,eol], length 0
13:05:37.944217 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326366249 ecr 0,sackOK,eol], length 0
13:05:38.950484 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326367249 ecr 0,sackOK,eol], length 0
13:05:38.950524 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326367249 ecr 0,sackOK,eol], length 0
13:05:40.958163 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326369249 ecr 0,sackOK,eol], length 0
13:05:40.958204 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326369249 ecr 0,sackOK,eol], length 0
13:05:44.968782 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326373249 ecr 0,sackOK,eol], length 0
13:05:44.968822 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326373249 ecr 0,sackOK,eol], length 0
13:05:52.987716 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326381249 ecr 0,sackOK,eol], length 0
13:05:52.987755 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326381249 ecr 0,sackOK,eol], length 0
13:06:09.019087 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326397249 ecr 0,sackOK,eol], length 0
13:06:41.105497 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
2628646146, win 65535, options [mss 1460,sackOK,eol], length 0
13:06:41.105539 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
375168773, win 65535, options [mss 1460,sackOK,eol], length 0
13:06:49.683159 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326437805 ecr 0,sackOK,eol], length 0
13:06:49.933186 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326438055 ecr 0,sackOK,eol], length 0
13:06:50.684257 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326438805 ecr 0,sackOK,eol], length 0
13:06:50.934982 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326439055 ecr 0,sackOK,eol], length 0
13:06:51.685122 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326439805 ecr 0,sackOK,eol], length 0
13:06:51.936173 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326440055 ecr 0,sackOK,eol], length 0
13:06:52.687047 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326440805 ecr 0,sackOK,eol], length 0
13:06:52.938955 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326441055 ecr 0,sackOK,eol], length 0
13:06:53.692296 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326441805 ecr 0,sackOK,eol], length 0
13:06:53.944695 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326442055 ecr 0,sackOK,eol], length 0
13:06:54.698199 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326442805 ecr 0,sackOK,eol], length 0
13:06:54.948887 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326443055 ecr 0,sackOK,eol], length 0
13:06:56.712993 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326444805 ecr 0,sackOK,eol], length 0
13:06:56.964115 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
1326445055 ecr 0,sackOK,eol], length 0
*Aldo Sarmiento*
|