|
On 25/04/2006 22:42, Dan Sully wrote:
Thanks. The suggestion by Jacob Reif is simple, and it works. However,
requests don't actually get load balanced, since you're just looping
back to the local machine.
That's correct; this solution is a specific one for the case where
you're not that worried about having connections be load balanced.
The suggestion by Graeme Fowler with the mangle rule and lo:0 alias on each
real server appears more robust and is what I want to have happen,
unfortunately it doesn't work.
Thanks... shame it doesn't.
Trying that solution, if I have my ldirectord.conf set to 'gate', I
never see packets from the real server hit the local director. If I set it to
'masq', I have the same initial issue - packets get sent to a real server, but
because the ack comes back from an unexpected src, the packet is dropped.
ldirectord 'gate' == LVS-DR.
ldirectord 'masq' == LVS-NAT.
My solution was designed for an LVS-NAT network (as viewed from the
external clients' perspective) which then used an LVS-DR setup "internally".
Can you give us:
1. output from "ip add ls" on a realserver
2. output from "ip rou sh" on the same realserver
3. output from "ip add ls" on the director
4. output from "ipvsadm -Ln" on the director
5. output from "iptables -L -n" and "iptables -L -n -t mangle" and
"iptable -L -n -t nat" on the director
Something, somewhere, isn't trapping packets as you'd expect.
Graeme
|
