Hi
Im using the latest piranha package from the experimental area.
Running RH 7.1 upgraded kernel 2.4.3 source patched ipvs-0.2.11
I have 2 load balancers and 8 real servers
There are 5 virtual servers all servered from the 8 real servers
The primary load balancer has one static ip 212.161.72.2(eth0) and
5 floating ips 212.161.72.70/75/76/77/75
The other static ip is 192.168.0.2(eth1) and 192.168.0.5 is the
floating default route for the 8 reals.
The load balancers seem to work fine detecting a fail and switching
roles.
The problem is getting a response back through the load balancers.
The real servers can get through fine when access the wed, but the
getting
a response back when rewuesting one of the virtual servers wont work!
Im pretty sure its an IPTables problem. Ive tried several solution but
none seem to work.
Here is my current attempt
/usr/local/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.70 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.2
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.90 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.2
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.100 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.70
and 101/102 etc
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.110 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.75
and 111/112 etc
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.120 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.76
and 121/122 etc
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.130 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.77
and 131/132 etc
/usr/local/sbin/iptables -t nat -I POSTROUTING -s 192.168.0.140 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.78
and 141/142 etc
ive also tried
/usr/local/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d
0.0.0.0/0 -j SNAT --to-source 212.161.72.2
and
/usr/local/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d
0.0.0.0/0 -j MASQUERADE
ive read something about fwmark but i dont have a clue what it is
The output of ipvsadm -Lcn is :-
IPVS connection entries
pro expire state source virtual destination
TCP 00:56.03 SYN_RECV 212.161.72.12:1437 212.161.72.70:80
192.168.0.101:80
Any advice?
Stuart Fox
PS can I up the expirt time to 30 mins?
stuart.vcf
Description: Card for Stuart Fox
|