Hi,
I have a little setup where I balance multiple FTP services behind a pair of
ip_vs loadbalancers. Each box has its own public IP and there are 6 or so
VIPs/aliases that are on whichever box is the active balancer. FTP
services are balanced to two hosts with lvs-NAT.
Now I've noticed that active FTP is broken. On the client side I can see
that the ftp-data connection is coming from the IP of the loadbalancer
instead of the VIP I made the initial connection to.
I have:
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP IP1:80 wlc persistent 1800
-> 10.31.67.203:80 Masq 10 0 0
-> 10.31.67.202:80 Masq 10 0 0
TCP IP2:80 wlc
-> 10.31.67.207:8587 Masq 10 3 8
-> 10.31.67.207:8586 Masq 10 1 12
-> 10.31.67.207:8585 Masq 10 2 10
TCP IP3:21 wlc
-> 10.31.67.203:21 Masq 10 15 62
-> 10.31.67.202:21 Masq 10 16 53
TCP IP4:21 wlc persistent 1800
-> 10.31.67.209:21 Masq 10 0 0
-> 10.31.67.208:21 Masq 10 0 0
TCP IP5:21 wlc persistent 1800
-> 10.31.67.206:21 Masq 10 0 0
-> 10.31.67.205:21 Masq 10 0 0
When I connect to IP3:ftp everything works fine until I initiate a data
transfer. On the client I see an incoming connection from IP0 (the
primary IP of the balancer which has no virtual services) which is refused
by the client because it comes from the wrong IP.
Passive ftp works fine.
The kernel version is 2.6.12.6. The ip_vs_ftp module is loaded (and also
tried with and without ip_conntrack_ftp)... And I don't know where to look
for the problem.
Any help welcome! :)
Regards,
Mark
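
The symptom described in this message, as an added example that is not part of the original post: a sketch of the kind of source-address check that makes an active-mode client (or a stateful firewall in front of it) refuse a data connection that does not come from the address of the control connection. The function names are hypothetical and the addresses are constructed from documentation ranges, standing in for IP3 (the VIP), IP0 (the balancer's primary IP) and the client.

```python
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2
PORT_RE = re.compile(
    r"^PORT\s+(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$",
    re.IGNORECASE,
)

def parse_port(line):
    """Decode a PORT command into the (ip, port) the client is listening on."""
    m = PORT_RE.match(line.strip())
    if m is None:
        raise ValueError("not a PORT command: %r" % line)
    n = [int(g) for g in m.groups()]
    if max(n) > 255:
        raise ValueError("octet out of range in %r" % line)
    return "%d.%d.%d.%d" % tuple(n[:4]), n[4] * 256 + n[5]

def judge_data_syn(control_peer, port_line, src_ip, dst_ip, dst_port):
    """Decide what happens to an inbound SYN seen after the client sent PORT.

    control_peer is the address the client opened its control connection to
    (the VIP). The SYN is accepted only if it targets the announced listener
    and its source address equals control_peer.
    """
    announced = parse_port(port_line)
    if (dst_ip, dst_port) != announced:
        return "unrelated"
    if src_ip != control_peer:
        return "refuse: source %s is not control peer %s" % (src_ip, control_peer)
    return "accept"

# Constructed sample values (documentation address ranges).
VIP = "192.0.2.3"                # stands in for IP3, the virtual service
BALANCER_PRIMARY = "192.0.2.10"  # stands in for IP0, no virtual services
CLIENT = "198.51.100.7"
PORT_LINE = "PORT 198,51,100,7,195,80"  # 195*256 + 80 = port 50000

if __name__ == "__main__":
    # Data connection source rewritten to the VIP: accepted.
    print(judge_data_syn(VIP, PORT_LINE, VIP, CLIENT, 50000))
    # Data connection leaving with the balancer's primary IP: refused.
    print(judge_data_syn(VIP, PORT_LINE, BALANCER_PRIMARY, CLIENT, 50000))
```

Running the same comparison against a packet capture taken on the client shows whether the source address of the ftp-data SYN is the VIP or the balancer's primary IP.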