Hello all
I am replacing an inherited LVS-NAT load balancer. The old server is
running kernel 2.4.20 and the hard drives are failing, and I am unable
to rebuild the RAID array. I have set up a new server running kernel
2.6.13 on a Gentoo server.
I have run ipvsadm-save -n > loadbalancer.save on the old server as well
as iptables-save > firewall.save and I have copied these files to the
new server and run the respective ipvsadm-restore < loadbalancer.save
and iptables-restore < firewall.save.
This setup looks like this
eth0: 90.64.206.254 with a bunch of aliases for other IP addresses, i.e.
eth0:0 90.64.206.132, eth0:1 90.64.206.200
eth1: 10.17.255.254
I have ip_forward set to 1. The old firewall/lvs works like a champ,
but as soon as I unplug the old firewall, and plug in the new one,
traffic starts to come in and get load balanced properly, but not for
all the eth0:* aliases. I would guess that half work and the others do
not.
One thing I noticed is that I have my firewall policy to drop all
packets on the OUTPUT chain, but this seemed to break LVS, it only
started working once I allowed all packets out the OUTPUT chain.
Can someone help shed some light on this setup? I tried doing this
replacement last night, but it didn't work so I have to wait until
tonight to try again.
Thanks,
Spencer Tuttle
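
One way to cross-check the migration described in the message above, as an added example that is not part of the original post: compare the virtual IPs in the restored `ipvsadm-save -n` file with the addresses actually configured on the new box. It assumes the address list was captured with `ip -o -4 addr show`; the file name `addrs.txt`, the real-server addresses, and all sample lines are constructed.

```shell
#!/bin/sh
# Added example: list IPVS virtual IPs that have no local address.

# Print the unique virtual IPs from `ipvsadm-save -n` output
# (service lines look like "-A -t IP:PORT -s scheduler").
vips_from_save() {
    awk '$1 == "-A" && ($2 == "-t" || $2 == "-u") {
             sub(/:[0-9]+$/, "", $3); print $3
         }' "$1" | sort -u
}

# Print the IPv4 addresses from `ip -o -4 addr show` output.
addrs_from_ip() {
    awk '{ for (i = 1; i < NF; i++)
               if ($i == "inet") { a = $(i + 1); sub(/\/.*/, "", a); print a }
         }' "$1" | sort -u
}

# Print every VIP in the save file ($1) with no matching address in $2.
missing_vips() {
    tmp=$(mktemp) || return 1
    addrs_from_ip "$2" > "$tmp"
    # grep exits 1 when nothing is missing; that is not an error here.
    vips_from_save "$1" | grep -vxF -f "$tmp" || true
    rm -f "$tmp"
}

# Constructed sample data: two virtual services, one alias not configured.
demo_dir=$(mktemp -d)
cat > "$demo_dir/loadbalancer.save" <<'EOF'
-A -t 90.64.206.132:80 -s wlc
-a -t 90.64.206.132:80 -r 10.17.0.11:80 -m -w 1
-a -t 90.64.206.132:80 -r 10.17.0.12:80 -m -w 1
-A -t 90.64.206.200:80 -s wlc
-a -t 90.64.206.200:80 -r 10.17.0.21:80 -m -w 1
EOF
cat > "$demo_dir/addrs.txt" <<'EOF'
2: eth0    inet 90.64.206.254/24 brd 90.64.206.255 scope global eth0
2: eth0    inet 90.64.206.132/24 brd 90.64.206.255 scope global secondary eth0:0
3: eth1    inet 10.17.255.254/16 brd 10.17.255.255 scope global eth1
EOF
echo "VIPs without a local address:"
missing_vips "$demo_dir/loadbalancer.save" "$demo_dir/addrs.txt"
rm -rf "$demo_dir"
```

An empty result only shows that every virtual service has a local address; firewall-mark services (`-A -f`) are skipped because they carry no address.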