|
"John P. Looney" wrote:
>
> Hi, I've done a good bit of LVS stuff before, but never direct routing,
> which is why I'm a little confused.
>
> I've setup a director with:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> ipvsadm -A -t XXX.168.225.3:17 -s wlc
> ipvsadm -a -t XXX.168.225.3:17 -r XXX.168.225.1 -g
> ipvsadm -a -t XXX.168.225.3:17 -r XXX.168.225.2 -g
>
> ifconfig dummy0 0.0.0.0 up
> echo 1 > /proc/sys/net/ipv4/conf/all/hidden
> echo 1 > /proc/sys/net/ipv4/conf/dummy0/hidden
> ifconfig dummy0:0 XXX.168.225.3 up
on the director the VIP should be on a regular ethernet device eg eth0,
eth0:x and shouldn't be hidden.
> So, it should just be setup to forward 17 to XXX.168.225.1 and
> XXX.168.225.2. On both clients, I have:
do you mean realservers? the clients are on the internet
(or test machines filling that function)
> echo 1 > /proc/sys/net/ipv4/ip_forward
on realservers you don't need ip_forward on.
You do need this on the director.
Have a look at the LVS-mini-HOWTO
> echo 1 > /proc/sys/net/ipv4/conf/all/hidden
> echo 1 > /proc/sys/net/ipv4/conf/lo/hidden
> ifconfig lo:0 XXX.168.225.3 netmask 255.255.255.255 broadcast \
> XXX.168.225.3 up
>
> I can ping XXX.168.225.3 fine. However, when I nmap that address, I'm
> told that port 17 is "filtered". Telnetting to that port results in a
> "no route to host".
it's hidden
Joe
--
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
ph# 919-541-0007, RTP, NC, USA. mailto:mack.joseph@xxxxxxx
|
