Hi all,
I'm facing a problem with my TUN setup.
My real server is on a separate network from the director and is not prone to
the ARP problem coz there is no routing for the VIP which leads to the
realserver's network!!
Realserver is Red Hat 6.2, VIP 202.120.130.102.
ipvsadm is correctly configured for tunnelling to the RIP, and this I have
verified by using tcpdump on the realserver: I see packets CIP->RIP hitting
the realserver.
tcpdump on realserver:
eth2 < 10.1.5.5.2051 > 202.120.130.102.www: S 421444096:421444096(0) win 65535 <mss 1460> (DF) (ipip)
where 10.1.5.5 is the CIP.
The director has only one NIC, configured with the VIP.
Result of ipvsadm:
IP Virtual Server version 1.0.8 (size=32768)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port          Forward Weight ActiveConn InActConn
TCP  202.120.130.102:www rr
  -> 10.1.11.225:www             Tunnel  4      0          2
However, connections from the client seem to hang.
IP spoofing is enabled on the routers, because doing
traceroute -n -s VIP someother IP from the REALSERVER
results in ICMP port unreachable messages occurring on the director, which only
ARPs for the VIP. This implies that spoofing of the VIP from the REALSERVER is permitted.
I have configured the VIP on tunl0.
telnet VIP www from the realserver itself is also successful.
ifconfig on REALSERVER gives:
eth2 blah blah 10.1.11.225
tunl0 Link encap:IPIP Tunnel HWaddr
inet addr:202.140.120.102 Mask:255.255.255.255
UP RUNNING NOARP MTU:1480 Metric:1
route -n shows:
202.120.130.102 0.0.0.0 255.255.255.255 UH 0 0 0 tunl0
10.1.11.225 0.0.0.0 255.255.255.255 UH 0 0 0 eth2
10.1.11.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 10.1.11.51 0.0.0.0 UG 0 0 0 eth2 VIP
A route to the VIP exists with dev tunl0 (only one VIP in use on the
realserver).
IP forwarding is enabled on the realserver.
lsmod shows ipip ;-)
I dunno what's wrong with the configuration.
Pls help me out.
BTW the realserver is Red Hat 6.2, 2.2.14-5.0; ipip is a module.
TIA
Khiz
P.S. The only commands I used on the director:
ipvsadm -A -t 202.120.130.102:80 -s wlc
ipvsadm -a -t 202.120.130.102:80 -r 10.1.11.225 -i
I did not use any configure script. This seems fine coz the director is
actually passing tunnelled packets to the realserver. Hope I'm right.