|
Ok, so why am I not able to route directly to my realservers
(10.80.1.21/22) from my NAT gateway/firewall?
I checked, and after the configuration script is run the realservers do not
have a default gateway in their route. I can't ping outside services from
the realservers (google.com for example), and adding a default route has no
effect. This is the same problem that we were discussing last month.
"Joseph Mack wrote:
On the realservers do
#ip rule show
This will show the tables RIP and VIP. These two tables have the
routes for packets from the RIP (which are routed to the DIP) and
routes for packets from the VIP (which are routed to the SGW).
To show these routes do
#ip route show table RIP
#ip route show table VIP
the configure script installs these routes if it finds `ip` on your
machine. To stop them being installed, rename ip to _ip, delete the
rules (or reboot the realservers), create a new rc.lvs from the same
conf file and reinstall the LVS."
The output of those commands:
[root@prod-zope-atl01 root]# ip rule show
0: from all lookup local
99: from 10.80.1.20 lookup VIP
100: from 10.80.1.21 to 10.80.1.0/24 lookup RIP
100: from 10.80.1.21 lookup RIP
32766: from all lookup main
32767: from all lookup 253
[root@prod-zope-atl02 root]# ip route show table RIP
10.80.1.0/24 dev eth0 scope link src 10.80.1.22
default via 10.80.1.101 dev eth0
[root@prod-zope-atl02 root]# ip route show table VIP
default via 10.80.1.3 dev eth0
While I can move the ip command and reconfigure, is this the best option?
I like the direct routing rules being used, and if I can modify them some
to keep the routing the same except for firewall/vpn traffic, I would be
happy.
Matt Gregory
Web Developer
CTI, Inc.
cell: 678-458-6513
ioem: matt.gregory@xxxxxxxxx *see key block below
ooem: matthew.gregory@xxxxxxxxxxxx
Joseph Mack
<mack.joseph@xxxxxxx> To:
lvs-users@xxxxxxxxxxxxxxxxxxxxxx, Matt.Gregory@xxxxxxxxx
Sent by: cc:
lvs-users-admin@LinuxVirtua Subject: Re: Again
this comes up... :-)
lServer.org
09/12/2002 06:14 AM
Please respond to lvs-users
Matt.Gregory@xxxxxxxxx wrote:
> I'm suspicious of this output from the rv.lvs_dr configure script:
>
> routing for table VIP
> default via 10.80.1.3 dev eth0
this means that packets with src_addr=VIP are sent to x.x.x.3
> routing for table RIP
> 10.80.1.0/24 dev eth0 scope link src 10.80.1.21
> default via 10.80.1.101 dev eth0
this means that packets with src_addr=RIP are sent to x.x.x.101
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
--
NOTICE: This e-mail message and all attachments transmitted with it may
contain legally privileged and confidential information intended solely
for the use of the addressee. If the reader of this message is not the
intended recipient, you are hereby notified that any reading,
dissemination, distribution, copying, or other use of this message or
its attachments, hyperlinks, or any other files of any kind is strictly
prohibited. If you have received this message in error, please notify
the sender immediately by telephone (865-218-2000) or by a reply to this
electronic mail message and delete this message and all copies and
backups thereof.
|
