Hi all,
I've set up a lvs-nat cluster, with two real web servers. Works fine.
I'm planning to be running another service on these two servers, which
will be used internally, by the web servers.
From the tests I've been running, it doesn't seem to work. Here is what
I've done:
I run lynx http://VIP/ on real server 1. If the request goes to real
server 2, it's OK. But if it gets back to real server 1 (client=server),
lynx hangs.
VIP = 172.22.48.210
RIP = 172.16.0.101/102
# tcpdump -n port 80
172.16.0.101.4513 > 172.22.48.210.http: S 2382290923:2382290923(0) win 32120 <mss 1460,sackOK,timestamp 27377475 0,nop,wscale 0> (DF)
172.16.0.101.4513 > 172.16.0.101.http: S 2382290923:2382290923(0) win 32120 <mss 1460,sackOK,timestamp 27377475 0,nop,wscale 0> (DF)
And that's it! 172.16.0.101 does not even send back a SYN!
I guess this is something related to my routing table. I've been doing
many tests, none of them was successful :(
# route -n
Destination     Gateway         Genmask         Indic Iface
172.22.49.87    0.0.0.0         255.255.255.255 UH    eth0
172.16.0.101    0.0.0.0         255.255.255.255 UH    eth0
172.16.0.111    0.0.0.0         255.255.255.255 UH    eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     lo
0.0.0.0         172.16.0.1      0.0.0.0         UG    eth0
I need to be able to access this real server one directly from my LAN
(172.22.48.0/255.255.240.0), that's why I have the entry 172.22.49.87. I
don't have any network entry for the LAN, otherwise reply packets (for
requests made to the virtual server) would not be masqueraded.
172.16.0.101 is the real server IP. 172.16.0.111 is another real server
IP. I don't have any network entry for 172.16.0.0/24, otherwise packets
from real server 1 (172.16.0.101) to real server 2 (172.16.0.102) would
not be masqueraded.
Finally, the default route to the cluster 176.16.0.1.
With this routing table, I can do almost anything I wish. Real servers are
accessible from any host on the 172.22.48.0/20 network. And each real
server has access to anything on both networks.
Except for requests made from one real server to itself ...
Any clues?
--
Sébastien Bonnet
Experian