|
HI all;
Here below I explain you my configuration .The problemm is that
when I try to stablish TCp connection from one of the real servers
(172.16.1.103 or 172.16.1.102 )to external machine across one tcp
port (Example 1812),It arrives to LVS server but the source IP
adress is not changed.Then when external machine try to answer to
tcp connection stablishment it sends the answer to source internal
IP adress of real server (172.16.1.102 or 172.16.1.103 ) and the
packet is lost.If we try to connect in reverse way (from external
machine to real server) it works fine cause source IP adress is a
real IP an not an Internal IP,and LVS works fine loadbalancing
between realservers and performing NAT over Destination IP
adress.We have partially solved this problemm using iptables in
order to perform NAT over source IP adress when sending the TCP
connection packet ,but we consider LVS must do this conversion in
the right way whitout iptables use.
Thanks again
Jorge
"Jorge Alberto Gordillo Polo EEM/TM/VT TU-001 Tlf.1748" wrote:
>
> Hi all.I have linux-2.4.2-lvs installed over Red hat 6.0.
>
> #uname -a
> Linux eceiolab 2.4.2 #2 SMP Tue Oct 16 11:24:00 CEST 2001 i686
> unknown
>
> I have problems when trying to stablish tcp connection from
> internal
> machine to external machine.This is my configuration:
>
> |
> |
> ___________
> | | VIP=192.168.1.110
> (eth0:110)
> | Linux with LVS |
> |__________| DIP=172.16.1.1 (eth0:9)
> |
> |
> -----------------
> | |
> | |
> RIP1=172.16.1.102 RIP2=172.16.1.103
> _____________ _____________
> | | |
> | | |
> |realserver | |realserver |
> |_____________| |_____________|
>
> The route table has been created in the following way:
>
> echo "
> -A -t 192.168.1.110:1812 -s rr
> -a -t 192.168.1.110:1812 -r 172.16.1.102:1812 -m
> -a -t 192.168.1.110:1812 -r 172.16.1.103:1812 -m
> " | ipvsadm -R
> echo "
> -A -t 192.168.1.110:1813 -s rr
> -a -t 192.168.1.110:1813 -r 172.16.1.102:1813 -m
> -a -t 192.168.1.110:1813 -r 172.16.1.103:1813 -m
> " | ipvsadm -R
>
> Then as I told you before we have problems when trying to stablish
> Tcp connection from one real server to other machine in external
> network.The TCP first packet sended in order to establish TCP
> session arrives to external machine ,however the acknowledge
> packet doesnt arrive to realserver .Then TCP connection never can
> be stablished.
> It looks like masquerading is not well done by LVS and source IP
> adress is sent with realserver adress instead of VIP adress and
> then the packet is lost.
> When we try to stablish the TCP connection just in the reverse
> order (from machine in external network to realserver) it works
> fine.
>
> Could you tell me if this is a bug ?
> Are any configuration values wrong in my installation?
>
> Thanks in advance
>
> Jorge
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
|
