|
On Wed, 23 Nov 2005, Emmanuel Soulié wrote:
> Hi,
>
> Do you now if it is possible to use FTP in active mode
> LVS UltraMonkey LoadBalancing ?
Personally I'm having some problems. And asked a question about it
yesterday on this list.
I'm currently experimenting with a test setup and can't get the following
to work.
ftphost:
eth0: 10.0.0.100/24, Gateway: 10.0.0.1
balancer:
eth1: 10.0.0.1/24
eth0: 10.31.7.215/24
eth0:1 10.31.7.250/32 (VIP, heartbeat...)
clients:
eth0: 10.31.7.xxx
The ftphost has ftp service running.
On the balancer I configure:
ipvsadm -A -t 10.31.7.250:21 -s wlc
ipvsadm -a -t 10.31.7.250:21 -r 10.0.0.100:21 -m -w 10
modprobe ip_vs_ftp
At this point I can ftp to 10.31.7.250 and do passive transfers.
But when I try to do an active transfer the connection is not properly
SNATed. The src address of the data connection is still 10.0.0.1 instead
of 10.31.7.250. Which is dropped on the network or by the local firewall
on the client because it is not regonized as 'RELATED' ndepending on the
situation...
Did I misunderstand or should ip_vs_ftp have (helped to) taken care of
this??
No I can get a working situation if I create a service on the main IP of
the balancer:
ipvsadm -A -t 10.31.7.215:21 -s wlc
ipvsadm -a -t 10.31.7.215:21 -r 10.0.0.100:21 -m -w 10
AND I add masquarading:
iptables -t nat -A POSTROUTING -j MASQUERADE
But this will only work for the main IP, I need it to work for a number
of VIPs (aliasses) on the balancer too.
If anyone has a simmilar working setup please share how you got it to
work.
TIA,
Mark.
|
