|
Kip Iles wrote:
> Since I brought up the tunl0:1 interface on dir_B for the second service,
hmm, what is a "second service"?
I
> see nothing. It is dead to the world. Unfortunately it is also 250 miles
> away with no terminal server and no other route to the inside reserved ip
> addresses.
I see. You could go mad trying to debug this, especially with filter rules
running on LVS_B. Can you get some machines
locally to test it out. Convert one of your realservers to simulate dir_B?
> I had them reboot dir_B at the remote site but it never
> reestablished communications, probably because
> /etc/sysconfig/network-scripts/ifcfg-tunl0:1 brought the tunnel back up on a
> reboot.
>
> The primary tunnel tunl0 did not cause this problem but did not work,
> either. Tcpdump showed the return packet trying to go through the tunnel.
your route is set incorrectly on dir_B I expect.
> IPTABLES conf on dir_B
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
you have iptables, so I assume you're running 2.4. If you have
2.4 LVS-NAT you can't have external masq rules for ipvs, they're built into
the ipvs code.
> I thought this was going to be easy!
to quote a recent posting "no-one has ever setup an LVS in a hurry"
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
