RE: Problems setting up LVS-NAT

To:	<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	RE: Problems setting up LVS-NAT
From:	"Adam: Kurzawa" <adam@xxxxxxxxxxxxx>
Date:	Fri, 2 Nov 2001 23:00:01 -0500

I have more on the subject.  It appears that the FIRST TIME I try to
connect to the LVS server, I get the connection.  I try this with
"telnet 10.1.1.1 80", it works almost good.  I can send the request
and I get a replay back, but the connection is not immediately closed,
like it would be if I connected to the web server directly.

The subsequent times I try to connect through the LVS server, I get the
scenario I described previously.

Any help is appreciated.

Kind regards,
Adam

-----Original Message-----
From: lvs-users-admin@xxxxxxxxxxxxxxxxxxxxxx
[mailto:lvs-users-admin@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Adam:
Kurzawa
Sent: Friday, November 02, 2001 9:34 PM
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Problems setting up LVS-NAT 

Hi,

I have this problem with packet somehow disappearing from on the LVS
machine
while in transit from a real server back to the client.

I followed the HOWTO (MANY times) to try to find the problem, I think my
problem is that all packets from the server are dropped on the way back
from the real server, same as this Q&A below.

The solution is however, much more difficult, my "rp_filter" is set at 0
on ALL
interfaces... and the iptables firewall is set to ACCEPT all packets on
all
tables and chains.

I must have spent over 2 days trying to figure it out, and I am really
stuck now.

Someone here must know where I should look for the problem.  Thanks.

Kind regards,
Adam: Kurzawa

==========================
Q.3 Is the traffic forwarded from the LVS box, in both directions?

        For all interfaces on director:
        tcpdump -ln host CLIENT_IP

        The right sequence, i.e. the IP addresses and ports on each
        step (the reversed for the in->out direction are not shown):

        CLIENT
           | CIP:CPORT -> VIP:VPORT
           |            ||
           |            \/
 out       | CIP:CPORT -> VIP:VPORT
 ||     LVS box
 \/        | CIP:CPORT -> RIP:RPORT
 in        |            ||
           |            \/
           | CIP:CPORT -> RIP:RPORT
           +
        REAL SERVER

A.4 All packets from the client are dropped

        - the requests are received on wrong interface with rp_filter
        protection
        - firewall rules drop the requests




_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Problems setting up LVS-NAT, Thomas Lamy Re: Problems setting up LVS-NAT, Julian Anastasov Re: Problems setting up LVS-NAT, Joseph Mack Problems setting up LVS-NAT, Adam: Kurzawa RE: Problems setting up LVS-NAT, Adam: Kurzawa <= Re: Problems setting up LVS-NAT, Julian Anastasov RE: Problems setting up LVS-NAT, Adam: Kurzawa RE: Problems setting up LVS-NAT, Julian Anastasov LVS and ext3 conflict, Adam: Kurzawa Slightly OT(?) - Linux 2.4 & "DSR" (aka Switchback), Jared Reimer Re: Slightly OT(?) - Linux 2.4 & "DSR" (aka Switchback), Julian Anastasov Re: Slightly OT(?) - Linux 2.4 & "DSR" (aka Switchback), Joseph Mack Re: Slightly OT(?) - Linux 2.4 & "DSR" (aka Switchback), Jared Reimer Re: LVS and ext3 conflict, Hervé Guehl Re: LVS and ext3 conflict, Alexandre Cassen

Previous by Date:	Problems setting up LVS-NAT, Adam: Kurzawa
Next by Date:	Re: Problems setting up LVS-NAT, Julian Anastasov
Previous by Thread:	Problems setting up LVS-NAT, Adam: Kurzawa
Next by Thread:	Re: Problems setting up LVS-NAT, Julian Anastasov
Indexes:	[Date] [Thread] [Top] [All Lists]