Jiri Gubik wrote:
> Hi,
> I am not able to run VS with masquerading too. I thing that I am doing
> everything right.
Please make sure that the director is set as router and the default
route of real servers is pointed to the internal address of the director.
The client must be outside of the LVS cluster, and the client cannot
connect the real servers directly, I mean that the client must contact
real server through the director.
Good luck,
Wensong
>
> Here is my ipvsadm -L when I am trying open www connection:
>
> IP Virtual Server (Version 0.6)
> Protocol Local Address:Port Scheduler
> -> Remote Address:Port Forward Weight ActiveConn FinConn
> TCP A.B.C.D:80 wlc
> -> 192.168.1.110:80 Masq 1 1 0
>
> I can see one active connection.
> Here is my ipchains -L -M
>
> prot expire source destination ports
> TCP 00:59.48 192.168.1.110 my.computer.com www (80) ->
> 1146
>
> I am not getting any connection to 192.168.1.110. (No packet is going
> from VS box - verified by tcpdump) I have compiled kernel with suggested
> settings only. IP masq from 192.168.1.x is working fine. Here is my
> ipchains -L
>
> Chain input (policy ACCEPT):
> Chain forward (policy ACCEPT):
> target prot opt source destination
> ports
> MASQ all ------ localnet/24 anywhere n/a
> Chain output (policy ACCEPT):
>
> I here anybody who has working VS with masquerading???
> Regards Jiri
>
> Gabriel Neagoe wrote:
> >
> > Hello Cliff
> >
> > I had a similar problem with the NAT on the VS.
> > First take a look in the connections list on the real server (use "netstat")
> > -if you have no connection on VS-s address and port that means you have a
> > problem with the distribution
> > -if you have a SYN_RCVD connection on the real server there is something
> > wrong with the returning packets ( I had a BIG problem here...the solution
> > is to recompile the kernel with the _ONLY_ masquerading settings according
> > to specifications of the VS ... if you add some masq features, although
> > everything seems perfect, it won't work)
> >
> > hope that helps
> > ------------------------------------
> > Gabriel Neagoe, GN379-RIPE
> > Networking consultant
> > Cisco product manager, CCNA, CCDA
> > S&T Romania
> > ------------------------------------
> >
> > -----Original Message-----
> > From: Baeseman, Cliff [mailto:Cliff.Baeseman@xxxxxxxxxxxxx]
> > Sent: Wednesday, July 07, 1999 7:38 PM
> > To: linux-virtualserver@xxxxxxxxxxxx
> > Subject: Cannot get this thing to work
> >
> > Here is my problem....
> >
> > I built a new kernel last week a .10 with the patch applied.
> >
> > I put in my routing according to the NAT documentation. All The commands
> > were accepted and I can see the routes in the table. No matter how much or
> > what I try it is not forwarding anything.
> >
> > my setup
> >
> > Virtual IP 127.1.175.12 Machine Name Hacker
> >
> > Real Server 127.1.175.2 Machine Name Bravo
> >
> > my setup follows
> >
> > echo "1" > /proc/sys/net/ipv4/ip_forward <---- what this does
> > I have no idea
> > ipchains -A forward -j MASQ -s 127.1.175.0/24 -d 0.0.0.0/0 <---I do
> > not know if this is correct
> > Add virtual service and link a scheduler to it
> > ipvsadm -A -t127.1.175.12:80 -s wlc (Weight least connections
> > scheduling)
> >
> > Add real server and select forwarding method
> > ipvsadm -a -t 127.1.175.12:80 -R 127.1.175.2:80 -m
> >
> > I have no web server running on the "director" node Hacker just on the real
> > server bravo.
> >
> > I try to connect from a client browser and get no response whatsoever.
> >
> > How can I troubleshoot this problem.... I am totally at a loss here.
> >
> > Cliff
> >
> > - "If you kiss me, I'll turn into a beautiful princess."
> > - "Look, I'm a computer programmer. I don't have time for girls,
> > but a talking frog is very very cool."
> >
|