|
"Lizambri, Todd" wrote:
>
> > > In the lvs_nat.conf, I had put in the alias eth0:1(I though
> > the script
> > > would do an ifconfig on the director to set-up the aliased
> > interface).
> >
> > it should.
> >
>
> If the VIP is configured, then the script fails because it doesn't know
> if it is a director or a realserver.
it should detect whether it's the director or the realserver by the DIP.
Initially there is not VIP on the director.
> OK. I'm using aliases now (configured in network-scripts and in the
> lvs_nat.conf),
the script will put the VIP (as an alias) onto the director. If you
already have the VIP on the director, the script will attempt to remove it.
I presume this is what the script is doing, but I don't know why
it fails to remove the old VIP yet.
> 1) my default GW goes away when I run the rc.lvs_nat.
OK let's keep track of this one.
> 2) connections initiated from the realserver to clients outside the LVS
> see the realsever's address and not the VIP.
which is what they're supposed to do with VS-NAT.
> I haven't sent you any files (rc.lvs_out)? I think Matthew sent you
> files on Friday.
OK I'm confused - someone sent me output with a similar problem.
> One of the original problems was that I configured interface eth1 with
> address 10.136.60.121 and
> set "VIP=eth1:121 10.139.60.121" in the lvs_nat.conf. This caused a
> problem in the rc.lvs_nat because function remove_old_vip() compares the
> device found in ifconfig for address 10.139.60.121 with the eth1:121 in
> the config file. Since "eth1" != "eth1:121" then vip_warning...exit!
OK it couldn't remove the original VIP, because it wasn't on an alias.
> OK I think was my mistake, I shouldn't use eth1:121 in the config file
> if my ifconfig for my VIP address is not an alias.
not really a mistake. Just something I hadn't anticipated anyone doing.
I do say somewhere that you have to have networking setup initially,
which means an IP on the outside of the director, but I didn't trap
the lack of an IP on the outside of the director as an error.
Both the VIP and the DIP have to be able to move to a backup
director if the main one fails, so they have to be on an alias.
> So I switched to use aliases, since that's what your used to.
> Starting from scratch (and using aliases to mimic what you are used to):
>
> My configuration is:
> (LVS-NAT/ RH7.1 (ifconfig/route) / Kernel 2.4.17+IPVS 2.0.8 patches /
> Configure 0.9.2)
>
> This time I am using aliases for my VIP/DIP. Here is the ifconfig
> (editted to omit stats) and netstat -rn after a clean reboot.
> $ifconfig
> eth0 Link encap:Ethernet HWaddr 00:D0:B7:B9:F9:7F
> inet addr:192.168.1.10 Bcast:192.168.1.255
> Mask:255.255.255.0
>
> eth0:1 Link encap:Ethernet HWaddr 00:D0:B7:B9:F9:7F
> inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
I assume this is the DIP
> eth1 Link encap:Ethernet HWaddr 00:D0:B7:B9:F9:7E
> inet addr:10.139.60.127 Bcast:10.139.63.255
> Mask:255.255.252.0
>
> eth1:121 Link encap:Ethernet HWaddr 00:D0:B7:B9:F9:7E
> inet addr:10.139.60.121 Bcast:10.139.63.255 Mask:255.255.252.0
if this is the VIP, the script will attempt to remove it or will fail if it
can't.
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> $netstat -rn
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0
> eth0
> 10.139.60.0 0.0.0.0 255.255.252.0 U 40 0 0
> eth1
> 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0
> lo
> 0.0.0.0 10.139.60.1 0.0.0.0 UG 40 0 0
> eth1
>
> NOTICE THE DEFAULT GW (it will soon disappear :-)
>
> Network set-up (same as before):
> # ________
> # | |
> # | client |
> # |________|
> # | clients in the 10.139.64 space
> # |
> # ________
> # | |
> # | router |
> # |________|
> # CIP=eth0 10.139.60.1 (this is actually a router)
> # |
> # |
> # VIP=eth1:121 10.139.60.121/22
> # __________
> # | |
> # | director | penguin1
> # |__________|
> # DIP=eth0:1 192.168.1.1
> # |
> # |
> # |
> # --------------------------------------------------
> # | | | |
> # | | | |
> # RIP1=eth0 RIP2=eth0 RIP3=eth0 RIP4=eth0
> # 192.168.1.2 192.168.1.3 192.168.1.4 192.168.1.5
> # ______________ ______________ ___________ ___________
> # | | | | | | | |
> # | realserver1 | | realserver2 | | rs3 | | rs4 |
> # |______________| |______________| |___________| |___________|
> # penguin2 penguin3 penguin4 penguin5
>
> ########################
> #/etc/hosts file:
> ########################
> #VIP, the IP the clients connect to
> 10.139.60.121 penguin1
> #
> #DIP is the IP on the director in the real-server network
> 192.168.1.1 dip
> #
> #GW, my test client (actually a router to my clients)
> 10.139.60.1 client2
fine
> #
> #real-servers
> 192.168.1.2 penguin2
> 192.168.1.3 penguin3
> 192.168.1.4 penguin4
> 192.168.1.5 penguin5
:-)
> ####################
> #lvs_nat.conf file:
> ####################
> LVSCONF_FORMAT=1.1
> LVS_TYPE=VS_NAT
> INITIAL_STATE=on
> CLEAR_IPVS_TABLES=yes
>
> VIP=eth1:121 penguin1 255.255.252.0 penguin1
>
> DIP=eth0:1 dip 192.168.1.0 255.255.255.0 192.168.1.255
>
> DIRECTOR_GW=client2
>
> SERVICE=t 4300 rr penguin2:4300,1 penguin3:4300,1 penguin4:4300,1
> penguin5:4300,1
>
> SERVER_NET_DEVICE=eth0
>
> #### end of lvs_nat.conf ####
>
> Any ideas why I'm having the problems 1) and 2) as mentioned above?
all looks fine to me.
Just to make things easy, can you remove the VIP from ifconfig and
run the script again. If it fails can you send me _offline_
to mailto:mack@xxxxxxxxxxxxxxxxxxxx, the output of
sh -x rc.lvs_nat > rc.lvs_out 2>&1
thanks Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
