I have setup a virtual server using the Linux 2.2 patch and 3 Sun Ultras
as the actual servers. It has crashed twice, though possibly from running
bind on the Virtual Server, since it was right when I started it up (bind)
that the virtual server would crash.
The major problem I am having is a timeout for Ident requests on POP3
and SMTP ports which seem to be confused. When looking at the problem with
tcpdump on the virtual server and the real servers the vserver seems to do
the following:
13:41:48.635985 10.0.0.1.4658 > vserver.net.smtp: . ack 2764990963 win 8760
13:41:48.636030 10.0.0.1.4658 > vserver.net.smtp: . ack 1 win 8760
13:41:48.658875 10.0.0.1.auth > vserver.net.48981: R 0:0(0) ack 2765099549
win 0 <<<<<<
13:41:52.143790 10.0.0.1.auth > vserver.net.48981: R 0:0(0) ack 1 win 0
<<<<<<
13:41:58.144210 10.0.0.1.auth > vserver.net.48981: R 0:0(0) ack 1 win 0
<<<<<<
The Ident, or auth port on the client machine trying to connect back to the
vserver is where it will pause for about 10-15 seconds then connect just
fine. I believe this may be qmail specific since a server funning sendmail
will not have this problem and ident seems to be used by qmail more than it
or something.
Also is the port to port feature on 2.2 version working with situations
where one port like 80 is redirected to port 35 on the real server? I have
tried this but it just sets the real servers port to the same as the virtual
server, 80 --> 80 instead of 80 --> 35.
The thing I have found out is that on Solaris 2.6, and probably other
versions of Solaris, you have to to some magic to get the loopback alias
setup. You must run the following commands one at a time:
ifconfig lo0:1 <VIP>
ifconfig lo0:1 <VIP> <VIP>
ifconfig lo0:1 netmask 255.255.255.255
ifconfig lo0:1 up
Which works well and is actually a pointopoint link like ppp which must be
the way Solaris defines aliases to the lo interface. It will not let you do
this all at once, just each step at a time or you have to start over from
scratch on the interface.
Chris Kennedy
I-Land Internet Services
ckennedy@xxxxxxxxx
|