On my web farm server (real server) I have this:
Eth0 210.210.30.210
Eth1 10.0.0.1
Lo 127.0.0.1
Lo:0 210.210.30.200 # VIP
I put in the arptables entries of:
arptables -A IN -d 210.210.30.200 -j DROP
arptables -A OUT -s 210.210.30.200 -j mangle --mangle-ip-s 210.210.30.210
and then I look at the arp output with 'tcpdump -n -e arp' when hitting the
server with a request and one of the two web servers is responding with:
0:30:48:80:b3:66 Broadcast arp 42: arp who-has 210.210.30.200 tell
210.210.30.210
0:d:bd:4a:3b:0 0:30:48:80:b3:66 arp 60: arp reply 210.210.30.200 is-at
0:d:bd:4a:3b:0
Should this machine be responding to arp at all?
Kirk
-----Original Message-----
From: Horms [mailto:horms@xxxxxxxxxxxx]
Sent: Sunday, March 27, 2005 10:24 PM
To: kirk@xxxxxxxxxxxxxxxxx; LinuxVirtualServer.org users mailing list.
Subject: Re: Initial setup
On Sun, Mar 27, 2005 at 08:07:43PM -0800, Kirk wrote:
> Well I tried this on my two real servers that are being load balanced with
> LVS and I still have my original problem. It seems even though I have
these
> entries, when I hit the VIP it continues to resolve to only one of the
> servers, even though I turn off apache on the server that it's resolving
to.
> I'm assuming LVS should tell the request to route to the second server,
but
> tcpdump reveals that its still hitting the first. Is it possible the ARP
is
> still messed up or does that clear in some short time frame?
Try monitoring the hardware addresses used in arp messages
using tcpdump to give you an idea of what is going on.
tcpdump -n -e arp
You can also inspect the ARP table on the machine that replies
are being sent to on the local network - the end-user if it
is on the same network, or the router otherwise.
--
Horms
|