|
Stephen Rowles wrote:
>
> Hi,
>
> I am trying to setup a telnet cluster using linux as a base (2.2.16 kernel).
> I have finally managed to hide the VIP from the outside world by using
> additional old network cards (eth1).
what did you need to do to get it to work?
> lvs is setup as follows:
>
> IP Virtual Server version 0.9.15 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 192.78.71.22:23 rr persistent 600
> -> 192.68.71.192:23 Route 1 0 0
> -> 192.68.71.190:23 Route 1 0 0
>
> When I connect form another machine on the 192.68.71.* network the
> connection takes a long time to get a login prompt but does connect
> eventually.
you are probably running telnet on the real-servers under identd (look
in the HOWTO for further explanation). sendmail can call identd directly
but telnet is often run under tcp wrappers, which calls identd.
If this is the case then your inetd.conf
line will look like
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
to run telnet without tcpwrappers change this to
telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
Having tcpwrappers does not add to your security. All it does is add a delay
to people telnetting that don't respond to identd requests.
> And the connections are spread across the two servers.
I don't know what this means.
>
> However, when I try and connect from a machine which is outside the
> 192.68.71.* network I cannot connect to the cluster - but I can connect to
> the machine individually.
don't know. I'd suggest you look on the director for hosts.allow/deny type
things or routing problems
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
