LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: realserver1 redirects to realserver2 :-(

To: Joseph Mack <mack@xxxxxxxxxxx>
Subject: Re: realserver1 redirects to realserver2 :-(
Cc: Thomas Proell <Thomas.Proell@xxxxxxxxxx>, lvs-users@xxxxxxxxxxxxxxxxxxxxxx, proellt@xxxxxx
From: Thomas Proell <Thomas.Proell@xxxxxxxxxx>
Date: Mon, 14 Aug 2000 13:16:57 +0200 (MET DST)
Hi!

> > - LVS accepting packets by transparent proxy
> 
> the director, realservers or both?

On both.

> > - ipfwadm to send the packets on port 80 to port 8080 (squid)
> 
> ipvs can only rewrite port numbers in VS-NAT mode. 
> Tell us where the ports are being rewritten.

The IPVS (virtual server) gets the requests on port 80
(as all http-requests) and redirects them to the realserver
port 80. Squid is running on the realserver port 8080,
so the packets are sent from realserver:80 to realserver:8080
(by each realserver).
 
> > - arp-problem handled by setting arp-table-entry on client
> 
> do you mean on realserver?

???
No, on the test-client. Since it's just for testing (I won't
have the arp-problem in the "real" environment) I can make
an entry the arp-table on the client. If he wants to send
something to 192.168.10.110, he'll find an entry in his arp-
table with the adress of the virtual server.

Wait a minute - since the realserver accepts the packets by
TP, there's no need for the entry 192.168.10.110  any more, 
correct? At least, there's no change if I remove it :-)
The client talks to the virtual server by "default route"
then. The default route is set to the real IP of the
virtual server, not on the VIP.

In fact, I use "tcpdump", and at least the conversation
between client and virtual server looks o.k.

> what happens if you also allow the director to forward telnet?
> Do you connect to one machine or each machine alternately?

Hmm. There's something I don't understand. If I use TP, I
don't really need a VIP any more, do I? I don't want to
answer requests for a single IP (VIP), but all requests
for all IPs should be sent to a farm on squid-caches.

Nomally, I don't need a VIP, correct?

ifconfig doesn't indicate a VIP on the virtual server at least.
ifconfig doesn't indicate a VIP on the real servers either.
ifconfig doesn't indicate a tunnelling device on the real
servers, and that's confusing for me a bit.

But if I call "telnet 192.168.10.110" (which is the VIP that
seems not to exist), then realserver1 answers. I didn't find
out, if the virtual server redirected it there or if it's
answering directly, but it's always realserver1, never
realserver2. 

So, realserver1 always answers, it's not important if it's
a telnet or a http-request.

Maybe it's just the arp-problem. I have to think about it.



Thomas




<Prev in Thread] Current Thread [Next in Thread>