|
Hmm, what do you have on your *real server*,
upquark.cae.crosstor.com, positron.cae.crosstor.com?
Do you have a loopback interface defined on the real servers that point to
the virtual address in the linux director machine, or is this not needed
when using fwmark?
Also I see that your port in your ipvsadm output is 0. Can you explain
this?
Thanks!
>
> I'm using eth0:0 and eth0:1 for virual servers.
> my virtual servers are test (172.16.1.247)
> and morrist (172.16.1.248).
>
> Here is my ifconfig:
>
>
> eth0 Link encap:Ethernet HWaddr 00:E0:18:98:E5:FC
> inet addr:192.168.129.247 Bcast:192.168.131.255 Mask:255.255.252.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:90762 errors:0 dropped:0 overruns:0 frame:0
> TX packets:9147 errors:0 dropped:0 overruns:0 carrier:0
> collisions:2 txqueuelen:100
> Interrupt:10 Base address:0x6000
>
> eth0:0 Link encap:Ethernet HWaddr 00:E0:18:98:E5:FC
> inet addr:172.16.1.247 Bcast:172.16.255.255 Mask:255.255.255.255
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:10 Base address:0x6000
>
> eth0:1 Link encap:Ethernet HWaddr 00:E0:18:98:E5:FC
> inet addr:172.16.1.248 Bcast:172.16.255.255 Mask:255.255.255.255
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> Interrupt:10 Base address:0x6000
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:1500 Metric:1
> RX packets:554 errors:0 dropped:0 overruns:0 frame:0
> TX packets:554 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
> Here is my ipvsadm -L output
>
> IP Virtual Server version 0.9.13 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> FWM 1 rr
> -> upquark.cae.crosstor.com:0 Masq 1 0 0
> -> positron.cae.crosstor.com:0 Masq 1 0 0
> FWM 2 rr
> -> morrist-3.cae.crosstor.com:0 Masq 1 0 0
> -> morrist-2.cae.crosstor.com:0 Masq 1 0 0
> -> morrist-1.cae.crosstor.com:0 Masq 1 0 0
>
> And here is my ipchains output:
> Chain input (policy ACCEPT):
> target prot opt source destination ports
> - all ------ anywhere morrist n/a
> - all ------ anywhere test n/a
> Chain forward (policy DENY):
> target prot opt source destination ports
> MASQ all ------ morrist-1.cae.crosstor.com anywhere n/a
> MASQ all ------ morrist-2.cae.crosstor.com anywhere n/a
> MASQ all ------ morrist-3.cae.crosstor.com anywhere n/a
> MASQ all ------ positron.cae.crosstor.com anywhere n/a
> MASQ all ------ upquark.cae.crosstor.com anywhere n/a
> Chain output (policy ACCEPT):
> Chain acctin (0 references):
> Chain acctout (0 references):
> Chain acctboth (0 references):
> Chain inp (0 references):
> Chain out (0 references):
> Chain fwd (0 references):
> Chain IpFwAdM! (0 references):
>
> It ****seems**** to work. I'm worried that I'm overlooking something though.
> Tom Morris
>
> Jeremy Hansen wrote:
>
> > Hmm, this seems strange to use eth0:0 for real servers. Can anyone else
> > confirm this for fwmark operations?
> >
> > When using fwmark, does the hidden lo and all sysctl's still need to be
> > set?
> >
> > -jeremy
> >
> > > I could only get it to work if I used eth0:0 instead of lo:0 for the
> > > virtual
> > > server interface. I posted a question about the reason for usiing lo:0,
> > > but
> > > nobody has yet responded. I'm using the latest patches on 2.2.15 kernel.
> > > Tom Morris
> > > CrosStor Software
> > > Jeremy Hansen wrote:
> > >
> > > > So I'm trying to use fwmark and I'm running into problems. I'm using
> > > > the
> > > > UltraMonkey examples and I think where I'm having the problem is with
> > > > the
> > > > 192.168.0.0/24 network example. My cluster is setup using 10.2.9.0/24.
> > > >
> > > > floating ip is 10.2.9.5
> > > >
> > > > ld1 and ld2, 10.2.9.2, and 10.2.9.3
> > > >
> > > > real servers
> > > >
> > > > web1-3, 10.2.9.10-12
> > > >
> > > > So I decided to use 10.2.20.0/24 in place of the 192.168.0.0/24 in the
> > > > example.
> > > >
> > > > As far as I can tell I had things exactly as they instruct in the
> > > > example.
> > > >
> > > > On real server lo:0 was config'd for 10.2.20.0
> > > >
> > > > ipchains was accepting all, but I did do the ipchains -A input -d
> > > > 10.2.20.0/24 -m 1 and added the route for 10.2.20.0/24 to gateway via
> > > > the
> > > > vip, 10.2.9.5.
> > > >
> > > > and ipvsadm used ipvsadm -A -f 1 vip1:80 and ipvsadm -a -f -1 -r
> > > > webtest1:80, etc.
> > > >
> > > > so did all this and it did not work...so the only thing looking fishy to
> > > > me is my use of 10.2.20.0/24. Any ideas what I could be overlooking?
> > > >
> > > > Also is there any real performance advantages to using fwmark? I guess
> > > > the cool thing is it easily allows me to use other services, right?
> > > >
> > > > Thanks
> > > > -jeremy
> > > >
> > >
> >
> > --
> >
> > http://www.xxedgexx.com | jeremy@xxxxxxxxxxxx
> > ---------------------------------------------
> >
>
--
http://www.xxedgexx.com | jeremy@xxxxxxxxxxxx
---------------------------------------------
|
