Re: LVS-DR: private network for realserver

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: LVS-DR: private network for realserver
From:	Joseph Mack <mack.joseph@xxxxxxx>
Date:	Wed, 03 Nov 2004 15:11:46 -0500

Guy Coates wrote:
> 
> I'm running into problems using LVS-DR when using a private network to
> route traffic from the director to the realservers.
> 
> director
> 
> Public   IP :   172.17.22.215   (eth0)
> Public VIP  :   172.17.22.216 (eth0:0)
> Private IP  :   10.4.1.2 (eth1)
> 
> realserver
> 
> Public  IP: 172.17.22.214 (eth0)
> Private IP:     10.4.1.1   (eth1)
> VIP       :     172.17.22.216 (lo:0)
> 
> eth0 on both machines are on the same segment, and eth1 on both machines
> are connected via a crossover cable. All client traffic comes in and out
> via the public network.
> 
> If I route director->realserver traffic over eth0, everything works as it
> should.
> 
> ipvsadm -A -t 172.17.22.216:80
> ipvsadm -a -t 172.17.22.216:80 -r 172.17.22.214 -g
> 
> director:~# ipvsadm -L -c
> IPVS connection entries
> pro expire state       source           virtual         destination
> TCP 14:49  ESTABLISHED 172.25.1.32:37143  172.17.22.216:80  172.17.22.214:80
> 
> If I route director->realserver traffic via the private network, things
> don't. The director routes the incoming traffic correctly, but the
> realserver drops the packets on the floor.
> 
> ipvsadm -A -t 172.17.22.216:80
> ipvsadm -a -t 172.17.22.216:80  -r 10.4.1.1 -g
> 
> director:~# ipvsadm -L  -c -n
> IPVS connection entries
> pro expire state       source             virtual            destination
> TCP 00:36  SYN_RECV    172.25.1.32:37154  172.17.22.216:80   10.4.1.1:80
> 
> tcpdump on the realserver confirms that the director is correctly passing
> the packets to the realserver:
> 
> realserver:~# tcpdump -i eth1 port 80 -p -n
> 
> 12:25:30.922232 IP 172.25.1.32.37159 > 172.17.22.216.80:
> S 2236244704:2236244704(0) win 5840
> <mss 1460,sackOK,timestamp 172541305 0,nop,wscale 0>
> 
> However,  the realserver does not pick up the packet.

have you set the default gw for the realserver to some device on the
172.17.22.0/32 network that isn't on the director?

Joe
-- 
Joseph Mack PhD, High Performance Computing & Scientific Visualization
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx

<Prev in Thread]	Current Thread	[Next in Thread>
LVS-DR: private network for realserver, Guy Coates Re: LVS-DR: private network for realserver, Joseph Mack <= Re: LVS-DR: private network for realserver, Guy Coates Re: LVS-DR: private network for realserver, Joseph Mack RE: LVS-DR: private network for realserver, Peter Mueller RE: LVS-DR: private network for realserver, Guy Coates Re: LVS-DR: private network for realserver, Guy Coates

Previous by Date:	RE: LVS-DR: private network for realserver, Guy Coates
Next by Date:	Document, wensong
Previous by Thread:	LVS-DR: private network for realserver, Guy Coates
Next by Thread:	Re: LVS-DR: private network for realserver, Guy Coates
Indexes:	[Date] [Thread] [Top] [All Lists]