OK, some progress: I've re-configured my IPs along a very similar route to
the one suggested, and rebound Apache to all addresses.
It now ALWAYS serves from machine 1.
Reading the HOWTO, I find that the realservers should be able to ping my
client:
So I ran a ping from Machine 2, the one that never serves pages:
ping -I eth1 10.122.16.48
(Where 10.122.16.48 is a client on the LAN)
This returns nothing. Here is my route map for Machine 2:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
10.122.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.0.41 0.0.0.0 UG 0 0 0 eth1
With ifconfig:
eth0 Link encap:Ethernet HWaddr 00:50:BA:F0:6A:7B
inet addr:10.122.15.43 Bcast:10.255.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 00:50:BA:0A:02:E4
inet addr:192.168.0.43 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Machine 1:
eth0 Link encap:Ethernet HWaddr 00:40:95:2D:08:E9
inet addr:10.122.15.41 Bcast:10.122.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth0:0 Link encap:Ethernet HWaddr 00:40:95:2D:08:E9
inet addr:10.122.15.42 Bcast:10.122.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:11 Base address:0x8000
eth1 Link encap:Ethernet HWaddr 00:00:21:DA:0F:38
inet addr:192.168.0.41 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1:0 Link encap:Ethernet HWaddr 00:00:21:DA:0F:38
inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
10.122.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 10.122.254.254 0.0.0.0 UG 0 0 0 eth0
And my director is configured with:
serial_no = 64
primary = 10.122.15.41
primary_private = 192.168.0.41
service = lvs
backup = 0.0.0.0
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.0.254 eth1:0
nat_nmask = 255.255.255.0
reservation_conflict_action = preempt
debug_level = NONE
virtual web1 {
active = 1
address = 10.122.15.42 eth0:0
vip_nmask = 255.255.0.0
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
load_monitor = uptime
scheduler = rr
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server Real2 {
address = 192.168.0.43
active = 1
weight = 1
}
server Real1 {
address = 192.168.0.41
active = 1
weight = 1
}
}
IP Virtual Server version 0.8.1 (size=65536)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.122.15.42:80 rr
-> 192.168.0.43:80 Masq 1 0 0
-> 192.168.0.41:80 Local 1 0 0
Checking the Apache logs on Machine 1, it's responding on port
192.168.0.41, so it looks like it is coming through the director fine. I ran:
iptables -t nat -A POSTROUTING -s 192.168.0.41 -j MASQUERADE
On Machine 1 (Director).
I can telnet to the realserver on Machine 2 on port 80 and get a response
fine, and Piranha-gui shows it up and running. I think so far it's a problem
with routing the response from Machine 2 back to Client, but I'm totally at
sea now with this networking.
Any ideas?
Mike
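
An added example, not part of the original post: a longest-prefix route lookup over Machine 2's posted routing table, showing which next hop a packet to the LAN client 10.122.16.48 takes. With LVS-NAT, realserver replies have to travel back through the director so the address rewrite can be undone; the function names and the interface-bound lookup (a simplified model of `ping -I eth1`) are assumptions of this example.

```python
import ipaddress

# Machine 2's routing table as posted above (header joined onto one line).
MACHINE2_ROUTES = """\
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
10.122.0.0 * 255.255.0.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default 192.168.0.41 0.0.0.0 UG 0 0 0 eth1
"""

# Director addresses on the private network, taken from the posted config
# (primary_private and nat_router).
DIRECTOR_PRIVATE = {"192.168.0.41", "192.168.0.254"}


def parse_routes(text):
    """Parse `route`-style output into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the header and anything malformed
        if f[0] == "default":
            net = ipaddress.ip_network("0.0.0.0/0")
        else:
            net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        gw = None if f[1] in ("*", "0.0.0.0") else f[1]  # None = on-link
        routes.append((net, gw, f[7]))
    return routes


def lookup(routes, dst, iface=None):
    """Return (gateway, iface) of the most specific matching route.

    Passing iface restricts the lookup to that device's routes.
    """
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes
            if addr in r[0] and (iface is None or r[2] == iface)]
    if not hits:
        return None
    _, gw, dev = max(hits, key=lambda r: r[0].prefixlen)
    return gw, dev


def reply_bypasses_director(routes, client, director_ips):
    """True when traffic to the client does not use the director as next hop."""
    hop = lookup(routes, client)
    return hop is None or hop[0] not in director_ips
```

For the posted table, the connected 10.122.0.0/16 route on eth0 is more specific than the default route via 192.168.0.41, so unbound traffic to the client leaves directly on eth0, while a lookup restricted to eth1 goes through the director.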