|
Hello,
Please make sure that your real server can reach the client directly. If
the response packets went through the director, the director would drop
them by the default.
Regards,
Wensong
On 1 Jan 2002, khiz nms wrote:
>
> Hi all
> i m facing a problem with my TUN setup
>
> my real server is on a seperate network from the director and is not prone to
> the ARP problem coz there is no routing for the VIP which leads to the
> realserver's network!!
> realserver is redhat 6.2 VIP 202.120.130.102
>
> ipvsadm is correctly configured for tunnelling to the RIP and this i have
> verified by using tcpdump on the Realserver and i see packets CIP->RIP
> hitting the realserver
>
> tcpdump on realserver
> eth2 < 10.1.5.5.2051 > 202.120.130.102.www: S 421444096:42144409 6(0) win
> 65535 <mss 1460> (DF) (ipip)
>
> where 10.1.5.5 is CIP 202.120.130.102 is the VIP
>
> the director has only one NIC configured with VIP
> result of ipvsadm .. the director and the realserver dont have any network in
> common so the arp problem does not exist in my case
>
> IP Virtual Server version 1.0.8 (size=32768)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ctiveConn InActConn
> TCP 202.120.130.102:www rr
> -> 10.1.11.225:www Tunnel 4 0 2
>
> However connections from the client seem to hang
>
> IP spoofing is enabled on the routers because doing
> traceroute -n -s VIP someother IP FROM the REALSERVER
> result in icmp port unreachable messages occuring on the Director which only
> arps for the VIP.. this impies that spoofing of VIP from REALSERVER is
> permitted
>
> i have configured VIP on tunl0 of REALSERVER
>
> telnet VIP www from realserver itself is also successful
>
>
> ifconfig on REALSERVER gives
> eth2 blah blah 10.1.11.225
> tunl0 Link encap:IPIP Tunnel HWaddr
> inet addr:202.140.120.102 Mask:255.255.255.255
> UP RUNNING NOARP MTU:1480 Metric:1
>
> route -n shows on REALSERVER
> 202.120.130.102 0.0.0.0 255.255.255.255 UH 0 0 0 tunl0
> 10.1.11.225 0.0.0.0 255.255.255.255 UH 0 0 0 eth2
> 10.1.11.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
> 0.0.0.0 10.1.11.51 0.0.0.0 UG 0 0 0 eth2
> VIP
>
> a route to the VIP exists with dev tunl0 ( only one VIP in use on the
> realserver)
>
> ip forwarding enabled on realserver
> lsmod shows ipip ;-)
> i dunno whats wrong with the configuration
> pls help me out
> BTW realserver is 6.2 redhat 2.2.14-5.0 ipip is a module
>
> TIA
> Khiz
> P>S the only commands i used on the director
> ipvsadm -A -t 202.120.130.102:80 -s wlc
> ipvsadm -a -t 202.120.130.102:80 -r 10.1.11.225 -i
>
> i did not use any configure script .. this seems fine coz the director is
> actaully passing tunnelled packets to the Realserver..hope i m right
>
>
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
|
