
Re: Looking for Simple Instructions

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Looking for Simple Instructions
From: Roberto Nibali <ratz@xxxxxxxxxxxx>
Date: Wed, 15 Nov 2006 22:21:13 +0100

Hi Matthew,

Well, well, well ... are you trying to get the IP packets confused with your setup? :)

Wasn't "trying" to. Our hosting provider gave us 3 machines with 10 IPs each. According to them, all three machines are plugged into the same physical switch.

They better be.

They are also the ones who set up all the original networking parameters below.

Oh, interesting. Do you have a physical network sketch?

From what I've seen, you seem to "own" a /24 class --> 72.52.166.0/24. You might either want to:

For the most part, yes. I think there are 2 blocks in there that we don't have: .66 - .128 and .142 - .254 I'm sure other customers of theirs have those IPs.

Ok, so you actually only own half of a /24 class :).

Director: /etc/sysconfig/network-scripts/ifcfg-eth1 (and eth1-range0)

IPADDR=74.52.166.34
GATEWAY=74.52.166.33
NETMASK=255.255.255.240

IPADDR_START=74.52.166.35
IPADDR_END=74.52.166.45
GATEWAY=74.52.166.33
NETMASK=255.255.255.240

Slave #1: /etc/sysconfig/network-scripts/ifcfg-eth1 (and eth1-range0)

IPADDR=74.52.166.50
GATEWAY=74.52.166.49
NETMASK=255.255.255.240

IPADDR_START=74.52.166.51
IPADDR_END=74.52.166.61
GATEWAY=74.52.166.49
NETMASK=255.255.255.240
NO_ALIASROUTING=yes

Slave #2: /etc/sysconfig/network-scripts/ifcfg-eth1 (and eth1-range0)

IPADDR=74.52.166.130
GATEWAY=74.52.166.129
NETMASK=255.255.255.240

IPADDR_START=74.52.166.131
IPADDR_END=74.52.166.141
GATEWAY=74.52.166.129
NETMASK=255.255.255.240
NO_ALIASROUTING=yes

I'm not sure what I should do with the listing above since it does not tell me much, I'm afraid. From what I see you've sent some sort of your Linux distribution's network configuration. Since I don't understand its semantics I cannot comment on it.

a) Set your netmasks for the RIP to /24 or
b) Put your RIPs inside the same scope for all servers

So basically for IP-DR, all servers need to use the same GW on the same switch? I'm guessing our hosting provider has the switch we are on subnetted?

You mean through VLAN? I'd be interested to know, but then this would be an awful waste of IP and HW resources. It would mean that the switch/router needs an IP address per VLAN as DGW. I can hardly imagine this to be the case. The segment might be subnetted but I doubt it matters, unless your provider has put on port ACL.

I hope this will work for you.

I see some light. Check this:

Director:
11:31:55.232013 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:31:55.232024 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:31:58.221152 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:31:58.221161 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:32:04.254643 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:32:04.254652 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>

Slave #1:
11:31:52.930429 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:31:55.919545 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>
11:32:01.953014 IP 70.241.143.240.2366 > 74.52.166.35.telnet: S 1094534970:1094534970(0) win 65535 <mss 1452,nop,nop,sackOK>

So now at least Slave #1 is getting the packets but I never got a response back.

Your RS' DGW must all point to the same existing DGW, which is some router or firewall of your hosting provider. At least on the Slave #1 you should see the SYN/ACK of the telnet connection. So either there is no telnetd running on that box, or you have some filtering rules, or the node is confused about where to send the reply packet. If you check your Slave #1 using netstat, do you see those connection attempts and if so, what TCP state are they in? Are any of the requests also forwarded to Slave #2?

If I can't get my hosting company to put me on 1 subnet, should I revert back to my original IP config and use IP-TUN instead?

Why wouldn't this be possible? You only need like a /28 or even /29 network if you set the IP addresses up correctly. You can of course try to switch to LVS-TUN. The setup is almost the same.

We discussed this load balancing thing in a meeting yesterday and someone thought it would be good to put one of our other machines with another provider on as 'fallback'. That would require using TUN wouldn't it?

Yes.

I presume you haven't changed much of the configuration I've proposed earlier, so why does it work nevertheless now? Or did I misinterpret your email?

Best regards,
Roberto
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc
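
Added example, not part of the original message: a check of the quoted ifcfg values against the two points raised in the reply (all nodes in one subnet, all pointing at the same default gateway), plus the smallest single prefix that would cover the three primary addresses. Function names and the SAME_SCOPE layout are hypothetical and constructed for illustration.

```python
import ipaddress

# Primary addresses copied from the ifcfg-eth1 listings quoted in the message.
NODES = {
    "Director": {"IPADDR": "74.52.166.34", "GATEWAY": "74.52.166.33", "NETMASK": "255.255.255.240"},
    "Slave #1": {"IPADDR": "74.52.166.50", "GATEWAY": "74.52.166.49", "NETMASK": "255.255.255.240"},
    "Slave #2": {"IPADDR": "74.52.166.130", "GATEWAY": "74.52.166.129", "NETMASK": "255.255.255.240"},
}

# Constructed layout (assumption): real servers renumbered into the director's /28.
SAME_SCOPE = {
    "Director": {"IPADDR": "74.52.166.34", "GATEWAY": "74.52.166.33", "NETMASK": "255.255.255.240"},
    "Slave #1": {"IPADDR": "74.52.166.36", "GATEWAY": "74.52.166.33", "NETMASK": "255.255.255.240"},
    "Slave #2": {"IPADDR": "74.52.166.37", "GATEWAY": "74.52.166.33", "NETMASK": "255.255.255.240"},
}

def node_network(cfg):
    """Subnet a node believes it is on, derived from IPADDR and NETMASK."""
    return ipaddress.ip_interface(f"{cfg['IPADDR']}/{cfg['NETMASK']}").network

def check_dr_layout(nodes):
    """Return findings; an empty list means one shared subnet and one shared gateway."""
    findings = []
    nets = {name: node_network(cfg) for name, cfg in nodes.items()}
    gws = {name: ipaddress.ip_address(cfg["GATEWAY"]) for name, cfg in nodes.items()}
    for name in nodes:
        if gws[name] not in nets[name]:
            findings.append(f"{name}: gateway {gws[name]} is outside {nets[name]}")
    if len(set(nets.values())) > 1:
        findings.append("different subnets: " + ", ".join(f"{n}={v}" for n, v in nets.items()))
    if len(set(gws.values())) > 1:
        findings.append("different gateways: " + ", ".join(f"{n}={v}" for n, v in gws.items()))
    return findings

def smallest_common_network(nodes):
    """Smallest single prefix containing every node's primary address."""
    addrs = [ipaddress.ip_address(cfg["IPADDR"]) for cfg in nodes.values()]
    net = ipaddress.ip_network(f"{addrs[0]}/32")
    while not all(addr in net for addr in addrs):
        net = net.supernet()  # widen by one bit until all addresses fit
    return net

if __name__ == "__main__":
    for finding in check_dr_layout(NODES):
        print("FINDING:", finding)
    print("smallest common prefix:", smallest_common_network(NODES))
    print("same-scope layout findings:", check_dr_layout(SAME_SCOPE))
```
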
