Please help me to get LVS work! Thx...

[Libiao Shang <lshang@xxxxxxxxx>]

First,  I appreciated you take your time to read this long note.  I have
been working on setting up LVS for a week, no luck to get it work.  It
seems that the http request for the virtual IP (199.81.237.254) not been
redirected to real servers (192.168.1.3 and 192.168.1.4).  If you can
help me any, It will certainly make a good day to me.  Thanks again.

Libiao Shang

=======================================================================================
I am setting up a LVS cluster with two real server behind one virtual
server.
I have ipvsadm 0.9.14 running on redhat 2.2.16 kernel for virtual server
(active router).  
The two real servers are running winnt IIS web server.  Apache web
server is running on virtual server (active router).  However, the http
request for virtual server IP is not redirected to the real servers with
or without httpd running on active router.  I could not figure it out. 
Please help me if you can.
====================================================================================

The following is my infrastructure, lvs.cf and rc.firewall file.  After
I enable ip_forward, ip_defrag and ipchains, I started pulse daemon. 
 
The output from "ps ax" command like this:

 3086 ?        S      0:00 pulse
 3091 ?        S      0:00 /usr/sbin/lvs --nofork -c /etc/lvs.cf
 3102 ?        S      0:00 /usr/sbin/nanny -c -h 192.168.1.3 -p 80 -a 15
-I /usr..
 3103 ?        S      0:00 /usr/sbin/nanny -c -h 192.168.1.4 -p 80 -a 15
-I /usr..

The output from "ipvsadm -l" command like this:

IP Virtual Server version 0.9.14 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP  C751EDFE:0050 wlc
  -> D0070000:0000      Masq    0      0          0         
  -> E8030000:0000      Masq    0      0          0
=====================================================================================
Infrastructure:

|-------|------------------------------------------|---------| Public
network
         |eth0=199.81.237.27                       
         |eth0:0=199.81.237.254 (vs1)              
   ------|-----                              
   |  active  |                           
   |  router  |                            
   |          |                            
   ------|-----                             
         |eth1=192.168.1.1                         
         |eth1:0=192.168.1.254 (NAT router)        
 |-------|-|------------------|-----------------| Private network
           |eth0=192.168.1.3  |eth0=192.168.1.4 
           |                  |                
           |---------|        |---------|       
           |   rs1   |        |   rs2   |     
           |_________|        |_________|  
====================================================================================
/etc/lvs.cf:

primary = 199.81.237.27
rsh_command = rsh
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.1.254 eth1:0
virtual vs1 {
    active = 1
    address = 199.81.237.254 eth0:0
    port = 80
    load_monitor = ruptime
    scheduler = wlc
    timeout = 6
    reentry = 15
    server rs1 {
        address = 192.168.1.3
        active = 1
        weight = 1000
    }
    server rs2 {
        address = 192.168.1.4
        active = 1
        weight = 1000
    }
====================================================================================
/etc/rc.d/rc.firewall (called by /etc/rc.d/rc.local):

#!/bin/sh
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASQ 
=====================================================================================

lshang.vcf
Description: Card for Libiao Shang