hi Joe
thanks for your answer.
> /sbin/iptables -t nat -A PREROUTING -p tcp -d 172.17.200.xxx -j
> REDIRECT
> why do you do this? It should stop the LVS from working. See
> the HOWTO on transparent proxy.
we do this on the realserver, because we have no VIP on the realserver.
/sbin/iptables -t nat -A PREROUTING -p tcp -d VIP -j REDIRECT
THIS WAS THE PROBLEM:
means: look at each incomming packet with destination VIP and
rewrite it with the local IP.
(REDIRECT:It alters the destination IP address to send the packet to the
machine itself)
works perfect if you use one IP on the realserver and a named based apache
config, but with many
IP's every incomming packet is rewritten with the "first?" IP of the
realserver and
so apache always gets the same requests.
SOLVED: with dummy device
dummy0: 172.17.199.99
dummy1: 172.17.199.199
echo '2' > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo '1' > /proc/sys/net/ipv4/conf/eth0/arp_ignore
and apache listening IP based on the dummy devices.
thanks again
cheers
Lothar
_________________________________________________________
>I don't understand the problem. I think you have
>o an LVS with two VIPs
yes
>o two NICs on the realserver(s), and apache
>listening to the two VIPs on the realservers.
yes
>o requests to either VIP from an outside
>client are answered by only one of the
>apache demons.
one apache demon listening on both ips
>If so, I can't imagine how this could happen.
:) yes
current lvs routing:
IP Virtual Server version 1.0.11 (size=65536)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
.....
TCP 172.17.200.27:80 rr
-> 172.17.199.199:80 Route 1 0 3
TCP 172.17.200.200:80 rr
-> 172.17.199.99:80 Route 1 0 4
....
|