|
I'm having a problem with a cluster here, I can't connect to the VIP
from a host on the same LAN.
this is a DR setup. each host is connected to two networks. here's the
ip addr output from the LB:
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0b:db:d5:54:e7 brd ff:ff:ff:ff:ff:ff
inet 129.240.191.19/24 brd 129.240.191.255 scope global eth0
5: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0b:db:d5:54:e8 brd ff:ff:ff:ff:ff:ff
inet 158.36.191.26/25 brd 158.36.191.127 scope global eth1
inet 158.36.191.10/32 scope global eth1
the VIP is the .10.
pinging the VIP from the 158.36.191-network works fine, the reply comes
from the LB. connecting to the service using telnet does not. the
packet goes through the LB, has the MAC addresses rewritten (src=LB,
dest=RS), and is passed on to the real server. I can see the packet
using tcpdump on the real server, but it does not send a reply. the
service works fine for the Internet. when I kill the process listening
on the port, the kernel should send an ECONNREFUSED on its own, and
indeed it does so if I try to connect from the Internet.
there are no iptables rules.
this is not a problem in a different cluster set up in the same manner,
except there each host is only on one network.
I'm stumped. can anyone explain what's happening here?
--
Kjetil T.
|
