|
Hello all
I've been trying to set up lvs/dr cluster for http. Every thing looked good for
http load balancing, but when tried to direct icmp packet I got stuck. What I
want to do is to ping VIP in order to know if any of the real servers are
available.
Here's my setup:
Client PC
CIP 10.10.10.155
Linux Director also as a gateway
10.10.10.55(eth0)
192.168.100.254(eth1)
Real Server1
RIP 192.168.100.1
Real Server1
RIP 192.168.100.2
VIP 192.168.200.1
I'm using fwmark so as not to have VIP on the Director.
On the client PC, a route is added so that packets with 192.168.200.1 as the
dst_addr are sent to 10.10.10.55.
I set mark 0x1 for http(81) and 0x2 for icmp.
#iptables -vL -n -t mangle
Chain PREROUTING (policy ACCEPT 68026 packets, 8253K bytes)
pkts bytes target prot opt in out source destination
30 2806 MARK tcp -- * * 0.0.0.0/0
192.168.200.1 tcp dpt:81 MARK set 0x1
464 27840 MARK icmp -- * * 0.0.0.0/0
192.168.200.1 MARK set 0x2
It seems packets are marked correctly, since the pkts and bytes increse as I
ping VIP or http://VIP:81.
The http packets which is marked as 0x1 are directed to real servers.
However no packets are directed to real servers for icmp(fwmark 2).
When I ping VIP no packets get out of eth1 on the director(by tcpdump -i eth1).
# ipvsadm -L -n --stats
IP Virtual Server version 1.0.11 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
FWM 1 6 30 0 2806 0
-> 192.168.100.2:0 3 15 0 1360 0
-> 192.168.100.1:0 3 15 0 1446 0
FWM 2 0 0 0 0 0
-> 192.168.100.1:0 0 0 0 0 0
-> 192.168.100.2:0 0 0 0 0 0
# ip rule show
0: from all lookup local
100: from all fwmark 0x1 lookup 100
100: from all fwmark 0x4 lookup 100
32766: from all lookup main
32767: from all lookup 253
# ip route show table 100
local default dev lo scope host
I have no filter setup on the director, as long as I know from 'iptables -L'.
So, what would I be missing?
Any suggestion appreciated.
Kimitoshi Takahashi
Cluster Computing Inc., Japan
|
