LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

LVS-TUN: How to test if ISP allows it?

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: LVS-TUN: How to test if ISP allows it?
From: "Son Nguyen" <trungson@xxxxxxxxx>
Date: Fri, 17 Jun 2005 11:07:05 -0700
Hello,

I'm trying to setup a simple LVS, one director and one realserver using
LVS-TUN (these machines are on 2 different datacenters).
On the real, I had tunl0 up and also hidden. Debug:

client# telnet VIP 80

director# tcpdump -ln -i eth0 host RIP
tcpdump: listening on eth0
13:50:03.151185 DIP > RIP: CIP.3305 > VIP.http: S 409780111:409780111(0) win
25200 <mss 1460,nop,nop,sackOK> (DF) [tos 0x4]  (ipip-proto-4)
13:50:06.149564 DIP > RIP: CIP.3305 > VIP.http: S 409780111:409780111(0) win
25200 <mss 1460,nop,nop,sackOK> (DF) [tos 0x4]  (ipip-proto-4)
13:50:12.165318 DIP > RIP: CIP.3305 > VIP.http: S 409780111:409780111(0) win
25200 <mss 1460,nop,nop,sackOK> (DF) [tos 0x4]  (ipip-proto-4)

realserver# tcpdump port 80
tcpdump: listening on eth0
(and there is nothing coming in)

realserver# tcpdump -i tunl0 port 80
tcpdump: listening on tunl0
(and there is also nothing)

director# ipvsadm -L -n
IP Virtual Server version 1.0.8 (size=65536)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP  VIP:80 wlc
  -> RIP:80             Tunnel  1      0          1

director# ipvsadm -L -n -c
IPVS connection entries
pro expire state       source   virtual  destination
TCP 00:05  SYN_RECV    CIP:3305 VIP:80   RIP:80

And ipvsadm on the director shows InActConn=1. What am I doing wrong here? I
also wonder if it's the ISP that drops the ip-encapsulated packet? Is there
any method to test the ISP? Thanks for any help.


Regards,
Son Nguyen


<Prev in Thread] Current Thread [Next in Thread>