|
Hi,
Yes of course, sorry about the lack of info, I was puzzling it all together
:)
Let me complete the story. Everything is behind a Checkpoint firewall that
performs NAT to the inside world, so the connections come from real
ip-addresses but have been NATted first at the firewall before beeing
allowed internally.
I have no problem with two FreeBSD boxes, so I guess there should be some
tuning/configing stuff on the NT.
All I could find about the SYN_RECV is that this state is marked if the
director didn't detect a complete TCP connect. This seems pretty logical
since everything is on a switch and the realservers don't send back to the
LVS :((
I use Keepalived on the LVS machines (Keepalived v0.5.3 (22/02, 2002)) for
High Availability and failover of director and realservers.
Here is a little shema. The load balancers each balance for a different
service, but they are each others backup.
------------- |
| LVS1 .140 |--------|
------------- |
|
------------- |
| LVS2 .60 |--------|
------------- |
|
----------------------------------
| | |
------------ ------------ ------------
| NT .141 | | NT .142 | | NT .145 |
------------ ------------ ------------
The LVS config is as folows:
# ipvsadm -L -n
IP Virtual Server version 0.9.9 (size=65536)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.202.140:443 wlc persistent 3600
-> 192.168.202.145:443 Route 1 0 0
-> 192.168.202.141:443 Route 1 0 0
-> 192.168.202.142:443 Route 1 0 0
TCP 192.168.202.60:443 wlc persistent 360
-> 192.168.202.52:443 Route 1 0 94
-> 192.168.202.51:443 Route 1 2 35
The NT config is as follows, I use the 255.255.255.255 netmask hack on the
loopback driver I found in the HOW-TO.
C:\WINNT\system32\>ipconfig /all
Windows NT IP Configuration
Host Name . . . . . . . . . : sk1
DNS Servers . . . . . . . . : 192.168.212.200
Node Type . . . . . . . . . : Hybrid
NetBIOS Scope ID. . . . . . :
IP Routing Enabled. . . . . : No
WINS Proxy Enabled. . . . . : No
NetBIOS Resolution Uses DNS : No
Ethernet adapter E100B1:
Description . . . . . . . . : Intel(R) PRO PCI Adapter
Physical Address. . . . . . : 00-D0-B7-91-5D-88
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 192.168.212.179
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . :
Primary WINS Server . . . . : 192.168.212.200
Ethernet adapter E100B2:
Description . . . . . . . . : Intel 82557-based Integrated Fast
Ethernet
Physical Address. . . . . . : 00-B0-D0-49-92-C4
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 192.168.202.141
Subnet Mask . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . : 192.168.202.1
Ethernet adapter NDISLoop3:
Description . . . . . . . . : MS LoopBack Driver
Physical Address. . . . . . : 20-4C-4F-4F-50-20
DHCP Enabled. . . . . . . . : No
IP Address. . . . . . . . . : 192.168.202.140
Subnet Mask . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . : 192.168.202.1
Could you specify more what tcpdump info you want, and how I could get that
on the NT realserver box (is there a soft available for this?).
Thanks for any insight. I was convinced this should work since I use it for
more than 1 month now on other servers, but I seem to have hit a wall here
:((
Oh, and everything is interconected using a Cisco 2948G switch. The FreeBSD
system is on a cheap 3COM switch, and both are interconnected.
On 04-03-2002 22:20, "Peter Mueller" <pmueller@xxxxxxxxxxxx> wrote:
>
> Can you show us..
>
> 1 - simple network map or a listing of what IP is what
> 2 - tcpdump from director and NT application box of the problem
> 3 - ipvsadm -L -n and/or your configuration script on your director
> 4 - ipconfig /all on NT boxes
|
