On Tue, 08 Nov 2005 09:24:12 -0700, "Spencer Tuttle"
<rodeojones@xxxxxxxxxxx> said:
> Hello all
>
> I am replacing an inherited LVS-NAT load balancer, the old server is
> running kernel 2.4.20 and the hard drives are failing, and I am unable
> to rebuild the RAID array. I have set up a new server running kernel
> 2.6.13 on a Gentoo server.
>
> I have run ipvsadm-save -n > loadbalancer.save on the old server as well
> as iptables-save > firewall.save and I have copied these files to the
> new server and run the respective ipvsadm-restore < loadbalancer.save
> and iptables-restore < firewall.save.
>
> This setup looks like this
>
> eth0: 90.64.206.254 with a bunch of aliases for other IP addresses, i.e.
> eth0:0 90.64.206.132, eth0:1 90.64.206.200
> eth1: 10.17.255.254
>
> I have ip_forward set to 1. The old firewall/lvs works like a champ,
> but as soon as I unplug the old firewall, and plug in the new one,
> traffic starts to come in and get load balanced properly, but not for
> all the eth0:* aliases. I would guess that half work and the others do
> not.
>
> One thing I noticed is that I have my firewall policy to drop all
> packets on the OUTPUT chain, but this seemed to break LVS, it only
> started working once I allowed all packets out the OUTPUT chain.
>
> Can someone help shed some light on this setup? I tried doing this
> replacement last night, but it didn't work so I have to wait until
> tonight to try again.
>
> Thanks,
> Spencer Tuttle
>
Well everything seems to be working alright now. All I can suppose is
that the ARP tables on my upstream ISP needed to time out before I could
start to receive new traffic.
Spencer