Re: Can't ping outside of LAN after script execution

[Malcolm Turnbull <malcolm@xxxxxxxxxxxxxxxx>]

Dean,

I think you should be using LVS NAT, LVS DR requires the VIP to be on 
the same subnet as the real servers.
NB. Your better off having your firewall do NAT and your loadbalancer 
just sitting on the same subnet as the real servers.
You'll also want to look at Keepalived or ldirectord for server health 
checking.

Dean Pullen wrote:

> Hi.
>
>  
>
> I'm currently configuring a LVS-DR setup (two nics, two networks)
>
>  
>
> My Director has two network cards and is accessible on the internal LAN
> and from the internet. The VIP should be 217.149.98.25.
>
>  
>
> Before I run the lvs_dr.conf, internet addresses are
> pingable/accessible, after the script is run I can no longer ping
> external addresses.
>
> What could be the cause of this and how can I remedy the problem.
>
>  
>
> The majority of useful relevant information is attached below.
>
>  
>
> Thanks,
>
>  
>
> Dean.
>
>  
>
>  
>
>  
>
> Here is my lvs_dr.conf file:
>
> #----------lvs_dr.conf------------------------------------
>
> LVSCONF_FORMAT=1.1
>
> LVS_TYPE=VS_DR
>
> INITIAL_STATE=on
>
> CLEAR_IPVS_TABLES=yes
>
>  
>
> #VIP line format - device[:alias] IP netmask broadcast
>
> #note: for VS-DR, VS-Tun, the IP is in a /32 network
>
> VIP=eth1:0 217.149.98.25 255.255.255.240 217.149.98.31
>
>  
>
> #DIP line format - device[:alias] IP network netmask broadcast
>
> DIP=eth0 192.168.2.64 192.168.2.0 255.255.255.0 192.168.2.255
>
>  
>
> #SERVICE line format - proto port scheduler IP[,weight] [IP[,weight]]
>
> SERVICE=t telnet rr RS1,1 RS2,1 RS3,1
>
> SERVICE=t http rr RS1,1 RS2,1 RS3,1
>
> SERVICE=t 8000 rr RS1,1 RS2,1 RS3,1
>
> SERVICE=t ssh rr RS1,1 RS2,1 RS3,1
>
>  
>
> SERVER_VIP_DEVICE=lo:64
>
> SERVER_NET_DEVICE=eth0
>
>  
>
> #SERVER_GW - packets with src_addr=VIP, dst_addr=0/0 are sent to
> SERVER_GW
>
> SERVER_GW=192.168.2.253
>
> #----------end lvs_dr.conf------------------------------------
>
>  
>
>  
>
>  
>
> Here is the ifconfig information of the Director before the rc.lvs_dr
> script is run:
>
> #----------
>
> eth0      Link encap:Ethernet  HWaddr 00:0D:88:1A:30:CC
>
>           inet addr:192.168.2.64  Bcast:192.168.2.255
> Mask:255.255.255.0
>
>           inet6 addr: fe80::20d:88ff:fe1a:30cc/64 Scope:Link
>
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>           RX packets:424595 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:177470 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:21969 txqueuelen:100
>
>           RX bytes:494415953 (471.5 Mb)  TX bytes:15345878 (14.6 Mb)
>
>           Interrupt:10 Base address:0x6000
>
>  
>
> eth1      Link encap:Ethernet  HWaddr 00:0C:76:54:61:EC
>
>           inet addr:217.149.98.24  Bcast:217.149.98.31
> Mask:255.255.255.240
>
>           inet6 addr: fe80::20c:76ff:fe54:61ec/64 Scope:Link
>
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:0 txqueuelen:100
>
>           RX bytes:562530 (549.3 Kb)  TX bytes:78611 (76.7 Kb)
>
>           Interrupt:11
>
>  
>
> lo        Link encap:Local Loopback
>
>           inet addr:127.0.0.1  Mask:255.0.0.0
>
>           inet6 addr: ::1/128 Scope:Host
>
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>
>           RX packets:50 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:50 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:0 txqueuelen:0
>
>           RX bytes:4200 (4.1 Kb)  TX bytes:4200 (4.1 Kb)
>
> #----------
>
>  
>
> And after the script is run:
>
> #----------
>
>  
>
> eth0      Link encap:Ethernet  HWaddr 00:0D:88:1A:30:CC
>
>           inet addr:192.168.2.64  Bcast:192.168.2.255
> Mask:255.255.255.0
>
>           inet6 addr: fe80::20d:88ff:fe1a:30cc/64 Scope:Link
>
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>           RX packets:424669 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:177568 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:21969 txqueuelen:100
>
>           RX bytes:494421621 (471.5 Mb)  TX bytes:15365416 (14.6 Mb)
>
>           Interrupt:10 Base address:0x6000
>
>  
>
> eth1      Link encap:Ethernet  HWaddr 00:0C:76:54:61:EC
>
>           inet addr:217.149.98.24  Bcast:217.149.98.31
> Mask:255.255.255.240
>
>           inet6 addr: fe80::20c:76ff:fe54:61ec/64 Scope:Link
>
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:0 txqueuelen:100
>
>           RX bytes:562530 (549.3 Kb)  TX bytes:78837 (76.9 Kb)
>
>           Interrupt:11
>
>  
>
> eth1:0    Link encap:Ethernet  HWaddr 00:0C:76:54:61:EC
>
>           inet addr:217.149.98.25  Bcast:217.149.98.31
> Mask:255.255.255.240
>
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>           Interrupt:11
>
>  
>
> lo        Link encap:Local Loopback
>
>           inet addr:127.0.0.1  Mask:255.0.0.0
>
>           inet6 addr: ::1/128 Scope:Host
>
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>
>           RX packets:54 errors:0 dropped:0 overruns:0 frame:0
>
>           TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
>
>           collisions:0 txqueuelen:0
>
>           RX bytes:4536 (4.4 Kb)  TX bytes:4536 (4.4 Kb)
>
> #----------
>
>  
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users

--
Regards,

Malcolm Turnbull

Loadbalancer.org Limited
07715 770523
http://www.loadbalancer.org/