Thanks, Joe. You and Julian are both helping on two different threads and I
appreciate the input.

> Joe wrote:
> I would expect it is already happening. What do you see that shows you
> that it's not happening?

Since I brought up the tunl0:1 interface on dir_B for the second service, I
see nothing. It is dead to the world. Unfortunately it is also 250 miles
away with no terminal server and no other route to the inside reserved ip
addresses. I had them reboot dir_B at the remote site but it never
reestablished communications, probably because
/etc/sysconfig/network-scripts/ifcfg-tunl0:1 brought the tunnel back up on a
reboot.
The primary tunnel tunl0 did not cause this problem but did not work,
either. Tcpdump showed the return packet trying to go through the tunnel.
This is why I was questioning the order of processing of ipip, VS-NAT,
VS-TUN, and iptables. I really suspect that I misconfigured iptables to
masquerade all outbound traffic from the realservers. I don't really know.
It did work fine if I tried to access the RS service directly on dir_B and
before I changed eth0:1 to tunl0 (could no longer access the service on the
RS) and eth0:2 to tunl0:1 (could no longer access dir_B).

IPVSADM script on dir_B (best I can remember - it's down)
ipvsadm -C
ipvsadm -A -t a.b.c.41:80
ipvsadm -A -t a.b.c.42:80
#====================
ipvsadm -a -t a.b.c.41:80 -r 172.16.20.15 -m
ipvsadm -a -t a.b.c.42:80 -r 172.16.20.35 -m

IFCONFIG on dir_B
eth0: a.b.c.46/0.0.0.15
eth1: 172.16.20.10/0.0.0.15
tunl0: a.b.c.41/0.0.0.15 noarp
tunl0:1 a.b.c.42/0.0.0.15 noarp
default route: a.b.c.35/0.0.0.15

ifconfig on RSA (behind dir_B)
eth0: 172.16.20.15/0.0.0.255
default route: 172.16.20.10/0.0.0.255

ifconfig on RSB (behind dir_B)
eth0: 172.16.20.35/0.0.0.255
default route: 172.16.20.10/0.0.0.255

IPTABLES conf on dir_B
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

------------------------------------------------------------------------------

IPVSADM script on dir_A (just the relevant portion)
ipvsadm -A -t x.y.z.51:2051
ipvsadm -A -t x.y.z.53:2051
#===================
ipvsadm -a -t x.y.z.51:2051 -r a.b.c.41 -i
ipvsadm -a -t x.y.z.51:2051 -r 172.16.2.15 -i
ipvsadm -a -t x.y.z.53:2051 -r a.b.c.42 -i
ipvsadm -a -t x.y.z.53:2051 -r 172.16.2.25 -i

IFCONFIG on dir_A
eth0: x.y.z.55/0.0.0.31
eth1: 172.16.20.10/0.0.0.255
eth0:1: x.y.z.51/0.0.0.31
eth0:3: x.y.z.53/0.0.0.31
default route: x.y.z.35/0.0.0.31

I thought this was going to be easy!
--kip