|
nissim@xxxxxxxxxxxxx wrote:
>
> Hi, I set up LVS as follows:
>
> Director:
> eth0: 166.84.192.35 (this is the VIP, and an Internet address)
> eth1: 192.168.1.1
>
> ipchains -A forward -s 192.168.1.0/24 -j MASQ
> ipvsadm -A -t 166.84.192.35:80 -s
> ipvsadm -a -t 166.84.192.35:80 -r 192.168.1.80 -g wlc
It might be your typo here, wlc is in the above command. ;-)
>
> This machine has is the default gateway for both of the other machines.
>
> Real Server:
> eth0: 192.168.1.80
> dummy0: 166.84.192.35 (with arp hidden using proc fs)
>
> Client:
> eth0: 192.168.1.10
>
> Now if I do
> telnet 166.84.192.35 80
> from my shell account on a machine on the internet it connects
> successfully to the Web Server on 192.168.1.80,
>
> But if I do the same from the client listed above, it waits and never
> connects.
>
The reason is that the LVS/NAT just translate the destination of
request packets and change the source of response packets back to the
VIP address. If the client is in the network of real server, real
server will send response packets to the client directly, and the load
balancer won't have chance to change the source of response packets
back to the VIP, so the connection wait forever.
> Is there a solution to this?
>
Put your clients in another private network like 192.168.2.0/24, and
let your LVS/NAT cluster has its own private network.
Wensong
> Thanks
>
> -Nissim
>
> ----------------------------------------------------------------------
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
> For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
|
