Hi,

I have set up a cluster with the following steps as shown below, however it
will not accept telnet requests from outside the cluster's subnet. However
if you connect from a machine that is on the same subnet, then there is no
problem and the cluster works fine... Anybody know what I am doing wrong? I
have used tcpdump and I know that even from outside the cluster's subnet the
telnet packets are reaching the director but it seems to just ignore them.
(the packet sniffer was run on the director to ensure that the packets
REALLY got to that machine).

I use Direct routing and as you can see from the ipvsadm output below, when
connecting from a local subnet the cluster works fine. When connecting from
outside I get an inactive connection which never manages to connect:

Before any connections:

IP Virtual Server version 0.9.15 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port     Forward Weight ActiveConn InActConn
TCP  162.68.71.22:23 rr persistent 600
  -> 162.68.71.192:23       Route   1      0          0
  -> 162.68.71.190:23       Route   1      0          0

After connection from local subnet:

IP Virtual Server version 0.9.15 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port     Forward Weight ActiveConn InActConn
TCP  162.68.71.22:23 rr persistent 600
  -> 162.68.71.192:23       Route   1      0          0
  -> 162.68.71.190:23       Route   1      1          0

Waiting for connection from another subnet:

IP Virtual Server version 0.9.15 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port     Forward Weight ActiveConn InActConn
TCP  162.68.71.22:23 rr persistent 600
  -> 162.68.71.192:23       Route   1      0          1
  -> 162.68.71.190:23       Route   1      0          0

SETUP AS BELOW:

Using Ultra Monkey to produce a telnet cluster.....

Linux Director - runs lvs and routes all requests to cluster
==============
kernel :- 2.2.16 from kernel.org
patched with latest ipvs patch :- 0.9.15
Compile kernel with:
CONFIG_FIREWALL=y
CONFIG_IP_FIREWALL=y
CONFIG_IP_TRANSPARENT_PROXY=y (IP forwarding / gatewaying)
CONFIG_IP_MASQUERADE=y
CONFIG_IP_MASQUERADE_VS=y
CONFIG_IP_MASQUERADE_VS_TAB_BITS=12
CONFIG_IP_MASQUERADE_VS_RR=y
CONFIG_IP_MASQUERADE_VS_WRR=y
CONFIG_IP_MASQUERADE_VS_LC=y
CONFIG_IP_MASQUERADE_VS_WLC=y
CONFIG_NET_IPIP=y
CONFIG_NET_IPGRE=y
CONFIG_NET_IPGRE_BROADCAST=y
CONFIG_IP_ALIAS=y

Configure /etc/ha.d/conf/ldirectord.cf:

timeout=10
checkinterval=4
autoreload=yes
#fallback=127.0.0.1:23
virtual=162.68.71.22:23
        real=162.68.71.190:23 gate
        real=162.68.71.192:23 gate
        #real=162.168.6.6:80 gate
        service=none
        request="h"
        receive=""
        scheduler=rr
        persistent=600
        protocol=tcp

/etc/rc.d/init.d/ldirectord start

configure eth0 interface alias 0: (/etc/sysconfig/network-scripts/ifcfg-eth0:0)
DEVICE=eth0:0
ONBOOT=yes
BROADCAST=162.68.71.255
NETWORK=162.68.71.0
NETMASK=255.255.255.0
IPADDR=162.68.71.22
echo "1" > /proc/sys/net/ipv4/ip_forward
Real Servers
============
Install an old network card as eth1:
alias eth1 to wd
configure eth1: (/etc/sysconfig/network-scripts/ifcfg-eth1)
DEVICE=eth1
ONBOOT=yes
BROADCAST=162.68.71.255
NETWORK=162.68.71.0
NETMASK=255.255.255.0
IPADDR=162.68.71.22
addr:162.68.71.22 Broadcast:162.68.71.255 NetMask:255.255.255.0
hide ip by doing:
echo "1" > /proc/sys/net/ipv4/conf/all/hidden
echo "1" > /proc/sys/net/ipv4/conf/eth1/hidden
Change inetd.conf telnet line to:
telnet stream tcp nowait root /usr/sbin/in.telnetd in.telnetd
Steve.
----------------------------------------------------------------------------
Going to church doesn't make you a Christian any more than going to a garage
makes you a mechanic.