[LVS tun]: ftp-datas running over director

[Andreas Hartmann <andreas.hartmann@xxxxxx>]

Hello all,

I set up an LVS for ftp via tunneling (scheduling: wlc). The LVS is
running, but there are some little problems:
if the clients put datas on the servers, all datas are going over the
director's interphase and are tunneld. I don't think that this is the
expected behaviour. Or am I wrong? I expect, that the datas go directly
to the appropriate realsrv.

The other problem is:
If I do ssh eg. to the virtual IP 10.48.1.77, I'm connected to one of
the realservers though I didn't configured this. Why?


Here is my configuration:
-> All boxes running kernel 2.2.19, same kernel-config

-> Kernel config:
  <M> Packet socket
  [*] Kernel/User netlink socket
  [*] Routing messages
  [*] Network firewalls
  <*> Unix domain sockets
  [*] TCP/IP networking
  [*] IP: firewalling
  [*] IP: masquerading
  [*] IP: masquerading virtual server support (EXPERIMENTAL)
  (12)   IP masquerading VS table size (the Nth power of 2)
  <M>   IPVS: round-robin scheduling
  <M>   IPVS: weighted round-robin scheduling
  <M>   IPVS: least-connection scheduling
  <M>   IPVS: weighted least-connection scheduling
  <M>   IPVS: locality-based least-connection scheduling
  <M>   IPVS: locality-based least-connection with replication
scheduling
  <M> IP: tunneling
  [*] IP: aliasing support
  [*] IP: Allow large windows (not recommended if <16Mb of memory)


The virtual IP-address for the ftp-service is 10.48.1.77 .

The addresses of the machines are as following:
Virtual server: 10.48.1.92
realserver 1:    10.48.1.109
realserver 2:    10.48.1.110



Configuration virtual server:

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:04:AC:9B:62:1D
          inet addr:10.48.1.92  Bcast:10.48.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:24541729 errors:0 dropped:0 overruns:0 frame:0
          TX packets:25345728 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:15 Base address:0xc000

eth0:0    Link encap:Ethernet  HWaddr 00:04:AC:9B:62:1D
          inet addr:10.48.1.77  Bcast:10.48.1.77  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:15 Base address:0xc000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:1165248 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1165248 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

# route
Kernel IP routing table
Destination     Gateway          Genmask                Flags
Metric     Ref    Use     Iface
10.48.1.77       *                      255.255.255.255     UH
0              0       0         eth0
10.48.1.0         *                      255.255.255.0
U            0              0       0         eth0
loopback         *                      255.0.0.0
U            0              0       0         lo
default             10.48.1.10        0.0.0.0
UG          0              0       0         eth0


# ipvsadm -L
IP Virtual Server version 1.0.8 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port             Forward Weight ActiveConn InActConn
TCP  10.48.1.77:ftp wlc persistent 600
  -> 10.48.1.109:ftp                Tunnel  1      70         606
  -> 10.48.1.110:ftp                Tunnel  1      61         685

# cat /proc/sys/net/ipv4/ip_forward
1

# lsmod
Module                  Size      Used by
ip_vs_wlc              896       1  (autoclean)
af_packet               5708     0  (autoclean)
eepro100               16276   1  (autoclean)


The realservers have the following config:

# ifconfig
eth1      Link encap:Ethernet  HWaddr 00:02:B3:3C:C7:39
          inet addr:10.48.1.109  Bcast:10.48.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1018199 errors:0 dropped:0 overruns:0 frame:0
          TX packets:993720 errors:0 dropped:0 overruns:1 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:5 Base address:0x74c0 Memory:e029a000-e029ac40

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:925249 errors:0 dropped:0 overruns:0 frame:0
          TX packets:925249 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

tunl0     Link encap:IPIP Tunnel  HWaddr
          inet addr:10.48.1.77  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:394162 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0

# route
Kernel IP routing table
Destination         Gateway         Genmask             Flags
Metric     Ref        Use     Iface
10.48.1.77           *                     255.255.255.255  UH
0             0           0          tunl0
10.48.1.0             *                     255.255.255.0
U            0             0           0         eth1
loopback            *                      255.0.0.0
U            0             0           0         lo
default                10.48.1.10        0.0.0.0
UG          0             0           0         eth1

# lsmod
Module                  Size      Used by
af_packet               5708       0  (autoclean)
ipip                         4892       1
e100                      51236      1  (autoclean)


# cat /proc/sys/net/ipv4/conf/all/hidden
1
# cat /proc/sys/net/ipv4/conf/tunl0/hidden
1


Does anybody know, where the problem is? I had a testinstallation with
2.2.17 before this installation - and in test all has worked fine.


Regards and thank you very much for every help or tip,
Andreas Hartmann