Hey folks, I've been trying to debug this problem I have, and so far no
luck :(
Sorry if this isn't _directly_ lvs related, but since
ultramonkey doesn't seem to have been updated in a while,
I thought I'd try to get help here first.
I installed ultramonkey 1.0.2beta0, kernel 2.4.0, lvs 0.2.4, iptables 1.2
without a hitch. I've got a node responding on tcp
ports 80,443,21 using masquerading, but udp port 53
doesn't seem to want to accept connections.
I currently have only one node, but if I can get
this setup I will be able to free up some machines to add
more. So this setup is pretty basic, one monitor, one node.
(no ha, no load balancing)
my setup:
Router box (aka linux director)
/sbin/ifconfig lo 127.0.0.1
/sbin/ifconfig eth0 216.218.7.2 netmask 255.255.255.0
/sbin/ifconfig eth1 10.0.0.1 netmask 255.0.0.0
/sbin/route add default gw 216.218.7.1 eth0
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
/sbin/route add -net 10.0.0.0 netmask 255.0.0.0 eth1
/sbin/ifconfig eth0:0 216.218.7.3
/usr/local/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo "16384" > /proc/sys/net/ipv4/ip_conntrack_max
Node 1 (first of many hopefully)
/sbin/ifconfig lo 127.0.0.1
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
/sbin/ifconfig eth0 10.0.1.1 broadcast 10.0.0.0 netmask 255.0.0.0
/sbin/route add default gw 10.0.0.1 netmask 0.0.0.0 metric 1
ncftpd,apache,etc TCP
tinydns (djbdns) - UDP
my router/firewall is set up to route traffic to 10.0.0.0/8 through
216.218.7.2
Here's my ldirectord config:
checktimeout=30
checkinterval=30

## HTTP
virtual=216.218.7.3:80
        fallback=127.0.0.1:80
        real=10.0.1.1:80 masq
        service=http
        request=".ha"
        receive="ha"
        scheduler=wlc
        persistent=600
        protocol=tcp

## HTTPS
virtual=216.218.7.3:443
        fallback=127.0.0.1:443
        real=10.0.1.1:443 masq
        service=https
        request=".ha"
        receive="ha"
        scheduler=wlc
        persistent=600
        protocol=tcp

## FTP
virtual=216.218.7.3:21
        fallback=127.0.0.1:21
        real=10.0.1.1:21 masq
        service=ftp
        request="ha"
        receive="ha"
        login="ha"
        passwd="secret"
        scheduler=wlc
        persistent=600
        protocol=tcp

## DNS (UDP)
virtual=216.218.7.3:53
        fallback=127.0.0.1:53
        real=10.0.1.1:53 masq
        service=none
        scheduler=wlc
        protocol=udp
For some reason, this setup doesn't want to make the dns service go up.
here's what I get in the logs:
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting Linux Director Daemon
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:80
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:80 (127.0.0.1:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:443
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:443 (127.0.0.1:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:21
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:21 (127.0.0.1:21)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:53
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:53 (127.0.0.1:53)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:80 (216.218.7.3:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:80 (127.0.0.1:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:443 (216.218.7.3:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:443 (127.0.0.1:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:21 (216.218.7.3:21)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:21 (127.0.0.1:21)
After this didn't work, I modified the ldirectord program, added a new
function called check_dns
sub check_dns {
    my ($v, $r) = @_;
    use Net::DNS;
    my $res = Net::DNS::Resolver->new;
    my $query;
    eval {
        # Abort the lookup after checktimeout seconds
        local $SIG{'ALRM'} = sub { die "timeout\n"; };
        alarm($$v{checktimeout});
        $res->nameservers($$r{server});
        $query = $res->search("www.test.org"); ## my test domain...
        alarm(0);
    };
    # $@ holds the error raised inside the eval block
    if ($@ eq "timeout\n") {
        service_set($v, $r, "down");
        return;
    }
    if ($query) {
        # Any A record in the answer section marks the real server as up
        foreach my $rr ($query->answer) {
            next unless $rr->type eq "A";
            service_set($v, $r, "up");
            return;
        }
    }
    service_set($v, $r, "down");
}
changed a bit of code to accommodate the new service type,
changed the config file and put service=dns
after stopping and restarting ldirectord with my new code and config,
I get:
ipvsadm -L -n
IP Virtual Server version 0.2.4 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port    Forward Weight ActiveConn InActConn
TCP  216.218.7.3:21 wlc persistent 600
  -> 10.0.1.1:21           Masq    1      0          0
UDP  216.218.7.3:53 wlc
  -> 127.0.0.1:53          Local   1      0          0
TCP  216.218.7.3:80 wlc persistent 600
  -> 10.0.1.1:80           Masq    1      0          0
TCP  216.218.7.3:443 wlc persistent 600
  -> 10.0.1.1:443          Masq    1      0          0
which is exactly the same as if I hadn't modified anything at all :(
dns lookups to the node work fine (from any machine on my network).
# nslookup
> server 10.0.1.1
Default Server: [10.0.1.1]
Address: 10.0.1.1
> www.test.org
Server: [10.0.1.1]
Address: 10.0.1.1
Name: www.test.org
Address: 216.218.7.3
I'm a bit stumped as to what's going wrong here, so any help would be
appreciated.
I would also be interested in finding out if anyone has gotten qmail smtp
to work in a cluster-type of environment, and how to do it
(qmtp/qmail-mini?)
Regards,
--
Mark Steele
Archduke research and development
Inet Technologies Inc.
msteele@xxxxxxxxxxxxxxxxxxx
010110010110111101110101001000000110000101110010011001010010000001100100011101010110110101100010
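
Added example (not part of the original post, and not ldirectord code): the log excerpt in the message above can be reduced to a per-service state that shows which virtual services never had a real server added. It assumes the message formats seen in that log; the function names are hypothetical and the sample is a constructed subset of those lines.

```python
import re

# Constructed sample: part of the post's log excerpt, mail line wrapping included.
SAMPLE_LOG = """\
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for:
216.218.7.3:80 (127.0.0.1:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for:
216.218.7.3:53 (127.0.0.1:53)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:80
(216.218.7.3:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server
for: 216.218.7.3:80 (127.0.0.1:80)
"""

ADDR = r"(\d+\.\d+\.\d+\.\d+:\d+)"
EVENTS = [  # (pattern, event name); group 1 is always the virtual service
    (re.compile(r"Starting fallback server for: " + ADDR), "fallback_on"),
    (re.compile(r"Turning off fallback server for: " + ADDR), "fallback_off"),
    (re.compile(r"Adding real server: \S+ \(" + ADDR + r"\)"), "real_added"),
]

def unwrap(text):
    """Rejoin wrapped records: a new record starts with '[' (the timestamp)."""
    records = []
    for line in text.splitlines():
        if line.startswith("[") or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def service_state(text):
    """Map each virtual service to its real-server count and fallback status."""
    state = {}
    for record in unwrap(text):
        for pattern, event in EVENTS:
            m = pattern.search(record)
            if m:
                svc = state.setdefault(m.group(1), {"reals": 0, "fallback": False})
                if event == "real_added":
                    svc["reals"] += 1
                else:
                    svc["fallback"] = (event == "fallback_on")
    return state

def stuck_on_fallback(text):
    """Virtual services still on fallback with no real server ever added."""
    return sorted(v for v, s in service_state(text).items()
                  if s["fallback"] and s["reals"] == 0)
```

On the sample, only 216.218.7.3:53 is reported, which matches the `Local` 127.0.0.1:53 entry in the ipvsadm listing.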