I'm running into problems using LVS-DR when using a private network to
route traffic from the director to the realservers.
director
Public IP : 172.17.22.215 (eth0)
Public VIP : 172.17.22.216 (eth0:0)
Private IP : 10.4.1.2 (eth1)
realserver
Public IP: 172.17.22.214 (eth0)
Private IP: 10.4.1.1 (eth1)
VIP : 172.17.22.216 (lo:0)
eth0 on both machines are on the same segment, and eth1 on both machines
are connected via a crossover cable. All client traffic comes in and out
via the public network.
If I route director->realserver traffic over eth0, everything works as it
should.
ipvsadm -A -t 172.17.22.216:80
ipvsadm -a -t 172.17.22.216:80 -r 172.17.22.214 -g
director:~# ipvsadm -L -c
IPVS connection entries
pro expire state source virtual destination
TCP 14:49 ESTABLISHED 172.25.1.32:37143 172.17.22.216:80 172.17.22.214:80
If I route director->realserver traffic via the private network, things
don't. The director routes the incoming traffic correctly, but the
realserver drops the packets on the floor.
ipvsadm -A -t 172.17.22.216:80
ipvsadm -a -t 172.17.22.216:80 -r 10.4.1.1 -g
director:~# ipvsadm -L -c -n
IPVS connection entries
pro expire state source virtual destination
TCP 00:36 SYN_RECV 172.25.1.32:37154 172.17.22.216:80 10.4.1.1:80
tcpdump on the realserver confirms that the director is correctly passing
the packets to the realserver:
realserver:~# tcpdump -i eth1 port 80 -p -n
12:25:30.922232 IP 172.25.1.32.37159 > 172.17.22.216.80:
S 2236244704:2236244704(0) win 5840
<mss 1460,sackOK,timestamp 172541305 0,nop,wscale 0>
However, the realserver does not pick up the packet.
I'm using kernel 2.4.27+hidden arp patches on both realserver and
director.
Does anyone have any suggestions?
Cheers,
Guy Coates
--
Dr. Guy Coates, Informatics System Group
The Wellcome Trust Sanger Institute, Hinxton, Cambridge, CB10 1SA, UK
Tel: +44 (0)1223 834244 ex 7199
|