On Mon, 27 Oct 2003, Horms wrote:
> On Sat, Oct 25, 2003 at 10:19:24AM -0700, Jeremy Hansen wrote:
> >
> > Let me ask my question and try and put some more details into it.
> >
> >
> > Three boxes:
> >
> > First LVS machine: eth0 - 208.x.x.x
> > eth1 - 192.168.1.40 <- used for backnet traffic
> > (like NFS and LDAP)
> > eth2 - 10.1.1.1 <- used for heartbeat
> >
> > Failover LVS machine: eth0 - 208.x.x.x
> > eth1 - 192.168.1.50 <- used for backnet traffic
> > (like NFS and LDAP)
> > eth2 - 10.1.1.2 <- used for heartbeat
> >
> > Client machine: eth0 - 208.x.x.x
> > eth1 - 192.168.1.20 <- used for backnet traffic, etc
> > no eth2 needed here.
> >
> > The First LVS machine and the Failover LVS machine are also primary and
> > replicated LDAP servers. What I would like to do is use LVS in local node
> > mode to load balance LDAP traffic on the backnet traffic interface, eth1
> > from the client machine. My goal is more for fail over rather than
> > actually load balancing.

Thanks for the reply, Horms.

> In that case perhaps you don't need LVS at all, perhaps you just need
> heartbeat to control heartbeat.
>
> I would suggest looking at these and working out which
> best suits your needs.
>
> http://www.ultramonkey.org/2.0.1/topologies/sl-ha-lb-overview.html

I'm checking this out and I believe I have everything set up in this way:
TCP 192.168.1.42:636 rr
-> 192.168.1.40:636 Local 1 0 0
-> 192.168.1.50:636 Route 1 0 0
on 192.168.1.40 I have:
lo:0 Link encap:Local Loopback
inet addr:192.168.1.42 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
on 192.168.1.50 I have:
lo:1 Link encap:Local Loopback
inet addr:192.168.1.42 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
cause lo:0 is being taken up by something...
When I telnet from 192.168.1.30 on the same network to port 636, just
connection refused. Ldap is listening on both real server IPs:
tcp 0 0 192.168.1.40:636 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.50:636 0.0.0.0:* LISTEN
I'm doing local node on these same machines using the outside routable IP
on eth0 to balance pop and it works just fine:
TCP 208.37.31.234:110 wlc
-> 208.37.31.237:110 Route 1 0 0
-> 208.37.31.236:110 Local 1 0 0
so ...
I don't get it. My head hurts. Thanks for the help!
> http://www.ultramonkey.org/2.0.1/topologies/ha-overview.html
>
> > I've been trying to use the local node feature without much luck. I've
> > done the following from what I've read:
> >
> > VIP on eth1 192.168.1.41
> > Forced ldap to listen on 127.0.0.1
> > Configured ipvs to look like this:
> >
> > TCP 192.168.1.41:636 wlc
> > -> 127.0.0.1:636 Local 1 0 0
> >
> > and then I've tried telnetting to port 636 from the client machine and the
> > connection is refused. Now this sounds like an arp issue because the
> > client machines are on the same network as the VIP. This is my first
> > guess but this is where I need help. It would be great to get this going
> > so I don't have to worry about what happens when LDAP dies.
>
> That sounds suspiciously like LDAP isn't listening on 127.0.0.1:636.
> Or perhaps you don't have the machine set up to receive packets for
> the VIP.

When you say machine set up to receive packages on the VIP, you mean have
the IP alias? I do:
eth1:1 Link encap:Ethernet HWaddr 00:07:E9:1B:54:07
inet addr:192.168.1.42 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:23 Base address:0x10c0 Memory:f4120000-f4140000
> It almost certainly isn't an ARP issue unless you have another
> machine configured with the VIP, which obviously isn't going to work.
>
> > Also, I'm confused about using the noarp loopback device in this scenario
> > on the Failover LVS server. I can add this to the ipvs config:
> >
> > TCP 192.168.1.41:636 wlc
> > -> 192.168.1.50:636 Route 1 0 0
> > -> 127.0.0.1:636 Local 1 0 0
> >
> > 192.168.1.50 is the IP of the replicate ldap server and also the IP of
> > eth1 on that server. Ldap is listening. Do I need to add a noarp device
> > to 192.168.1.50 for the VIP on the Primary LVS server? I mean I've tried
> > and this just locked me out of the box because I lost access to ldap.
>
> Yes.
Ok, did this and no go...
Thanks again. Any other info I can give you, please ask. I've been
working on this for two days straight now.
-jeremy