|
Hello,
On Tue, 6 Nov 2001, Tao Zhao wrote:
> On Tue, 6 Nov 2001, Joseph Mack wrote:
>
> > I would suspect that the devices aren't up. These directories come and go as
> > the devices are up'ed and down'ed.
> > Do you see these devices with IP numbers in the output of `ifconfig`
>
> You're right! It's not enought just say "ifconfig tunl0 up" to get the
> tunl0 directory in /proc file system. I need also to give VIP to it.
You can enable the sysctl vars for any device by adding 0.0.0.0
as the only address.
> The examples given in
> http://www.linuxvirtualserver.org/VS-IPTunneling.html says:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> # insert it if it is compiled as module
> insmod ipip
> ifconfig tunl0 up
> ifconfig dummy0 up
ifconfig dummy0 0.0.0.0 up
> echo 1 > /proc/sys/net/ipv4/conf/all/hidden
> echo 1 > /proc/sys/net/ipv4/conf/dummy0/hidden
> ifconfig dummy0:0 172.26.20.110 up
> route add -host 172.26.20.110 dev dummy0:0
> ifconfig dummy0:1 <Another-VIP> up
>
> This doesn't work for me (kernel 2.4.5), because those /proc files are not
> available until I set VIPs on them.
Yes, dummy0 is not configured correctly.
> Also it does not say I need to set VIP on tunl0. Need I? If yes, what if I
> need multiple VIPs? How can I set those VIPs on tunl0?
for i in 180 182 182
do
ip addr add X.Y.Z.$i dev dummy0
done
> This is what I just did (VIP=xx.xx.xx.180, RIP=xx.xx.xx.230):
>
> $echo 1 > /proc/sys/net/ipv4/conf/all/hidden
> $insmod ipip
> $ifconfig tunl0 up
> $ifconfig dummy0 up
> $ifconfig dummy0:0 xx.xx.xx.180 netmask 255.255.255.128 up
> $echo 1 > /proc/sys/net/ipv4/conf/dummy0/hidden
>
> But I still cannot ping the real server (with RIP=xx.xx.xx.230) from
> director (with VIP=xx.xx.xx.180). Of course, RIP and VIP are on the same
> subnet. arp on the director gives me:
>
> xx.xx.xx.230 (incomplete)
>
> Basically, arp problem not solved yet.
What shows tcpdump -ln arp or host xx.xx.xx.230
arp -an | grep 230
You need to trace on the real server too. IMO, your routing
is wrong somehow.
> > lo is for LVS-DR, tunl0 is for LVS-Tun.
>
> I'm using LVS-Tun. Does that mean I must use tul0 and dummy0?
You can use any device to configure VIPs (local addresses). If
you need to make them hidden then you need to select one device
that will be used explicitly for hidden IPs. Such devices can be
lo or dummy (any unused, even tunl0). The tunl device is a special
device. Once it is configured UP your box can receive IPIP datagrams
and to decapsulate them. You don't need any IP addresses on tunl0 to
do this. Of course, you must have proper filters on tunl because it
is a dangerous feature to receive IPIP from everywhere (spoofing).
> I appreciate your further help.
>
> Thanks so much,
> -Tao
Regards
--
Julian Anastasov <ja@xxxxxx>
|
