
Re: Problems setting up LVS-NAT

To: "Adam: Kurzawa" <adam@xxxxxxxxxxxxx>
Subject: Re: Problems setting up LVS-NAT
Cc: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sat, 3 Nov 2001 08:56:09 +0000 (GMT)
        Hello,

On Fri, 2 Nov 2001, Adam: Kurzawa wrote:

> Hi,
>
> I have this problem with packets somehow disappearing on the LVS
> machine while in transit from a real server back to the client.
>
> I followed the HOWTO (MANY times) to try to find the problem, I think my
> problem is that all packets from the server are dropped on the way back
> from the real server, same as this Q&A below.

        But where are your traceroute results?

> The solution is, however, much more difficult: my "rp_filter" is set at 0
> on ALL interfaces... and the iptables firewall is set to ACCEPT all
> packets on all tables and chains.
>
> I must have spent over 2 days trying to figure it out, and I am really
> stuck now.
>
> Someone here must know where I should look for the problem.  Thanks.

        Just follow the HOWTO, step by step. Check this:

Q.2 Traceroute to client goes through LVS box and reaches the client?

        Maybe the first packet is passed but after an ICMP redirect from
the LVS box the real server is redirected directly to the client which is
on the same device. Maybe I have to change the HOWTO to execute the
traceroute 5 times, not one - these ICMP redirects are a real problem.

        From the HOWTO: Please, execute the following commands
and provide tcpdump outputs (even censored is not a problem):

rs# tcpdump -ln host CIP
rs# traceroute -n -s RIP CIP
lvs# tcpdump -ln host CIP
client# tcpdump -ln host CIP

        Before starting the LVS commands you should be able to
traceroute from real server to client. This is the simplest test
that guarantees that masquerade is working in both directions.
Then start the IPVS commands and check again. If that fails
then you have to start the LVS debugging via /proc.

        I can't see your full report with topology, etc. Did I
miss it somewhere, URL?

> Kind regards,
> Adam: Kurzawa

Regards

--
Julian Anastasov <ja@xxxxxx>
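
An added example, not part of the original message or the LVS HOWTO: a shell check for the director that reports the kernel settings tied to the symptoms discussed above (rp_filter and ICMP redirects). The function name `lvs_nat_audit`, its optional root-directory argument, and the choice to also check `ip_forward` and `send_redirects` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit director sysctls that affect
# LVS-NAT return traffic. The optional argument is a hypothetical override
# so the check can run against a copy of /proc/sys instead of the live tree.

# lvs_nat_audit [ROOT]
# Prints one finding per line; returns 0 if nothing is flagged, 1 otherwise.
lvs_nat_audit() {
    root="${1:-/proc/sys}"
    findings=0

    # The director must forward packets to masquerade real server replies.
    fwd=$(cat "$root/net/ipv4/ip_forward" 2>/dev/null || echo unreadable)
    if [ "$fwd" != "1" ]; then
        echo "ip_forward=$fwd (NAT needs 1 on the director)"
        findings=$((findings + 1))
    fi

    for dir in "$root"/net/ipv4/conf/*/; do
        [ -d "$dir" ] || continue
        ifname=$(basename "$dir")
        redir=$(cat "${dir}send_redirects" 2>/dev/null || echo unreadable)
        rpf=$(cat "${dir}rp_filter" 2>/dev/null || echo unreadable)

        # With send_redirects on, the director may send the ICMP redirect
        # that makes the real server answer the client directly, skipping
        # the NAT rewrite.
        if [ "$redir" != "0" ]; then
            echo "$ifname: send_redirects=$redir (director may redirect the real server to the client)"
            findings=$((findings + 1))
        fi

        # The poster verified rp_filter is 0 everywhere; report any that is not.
        if [ "$rpf" != "0" ]; then
            echo "$ifname: rp_filter=$rpf (not 0)"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}

# Usage on the director: lvs_nat_audit
```

A clean result here does not replace the traceroute and tcpdump tests above; it only rules out these settings on the director.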


