On Mon, 24 Jul 2000, Jacob W Anderson wrote:
> Hi!
>
> I just setup my 3 node network (1 lvs, 2 real servers), and have what seems
> to be all of the networking componens working correctly: NAT to communicate
> through the LVS to the real servers, and the real servers can see nodes on
> the public network.
>
> >From my mx on a cable modem, I can ftp and telnet into the LVS machine, but
what's an "mx"
> when I try to connect to the LVS on port 80 via http, I always get
> connection refused.
there is no service listening on the target IP:port of your ipvsadm line.
> I do have web servers configured on the real servers, they were working just
> great prior to the move to LVS (they do virtual hosting). When I connect to
> the web servers on the real server mx, it responds correctly.
> Here's my network config:
I don't know these config files real well, so I'll guess - the
httpd should be listening on 10.x.x.x rather than 216.x.x.x
here's from the (unreleased new version of the) HOWTO
---------------------------------------------------------
6.6.2.4.2 http with VS-NAT:
Summary: make sure the httpd on the realserver is listening on the RIP
not the VIP.
tc lewis had an (ip-based) non-working http VS-NAT setup. The VIP
was a routable IP, while the realservers were virtual hosts on the
non-routable 192.168.1.0/24 network.
>From: Michael Sparks <michael.sparks@xxxxxxxxx>
What's happening is a consequence of using NAT. Your LVS is accepting
packets for the VIP, and re-writing them to either 192.168.123.3 or
192.168.123.2. The packets therefore arrive at those two servers marked
for address 192.168.123.2 or 192.168.123.3, not the VIP.
As a result when apache sees this:
> <VirtualHost w1.bungalow.intra>
...
> </VirtualHost>
It notices that the packets are arriving on either 192.168.123.2 or
192.168.123.3 and not w1.bungalow.intra, hence your problem.
Solution 1)
If this is the only website being serviced by these two servers, change
the config so the default doc root is the one you want.
Solution 2)
If they're servicing many websites map a realworld IP to an aliases on the
realservers and use that to do the work. IMO this is messy, and could
cause you major headaches.
Solution 3)
Use VS-DR or VS-TUN - that way the above config could be used without
problems since the VS address is a local address as well. This'd be my
choice.
--------------------------------------
My choice would be to convert to VS-DR
Joe
--
Joseph Mack mack@xxxxxxxxxxx
|