Keepalived + VLAN + iprules

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Keepalived + VLAN + iprules
From:	flafolie@xxxxxx
Date:	Thu, 26 Apr 2007 12:59:06 +0200

Hello,

I was writting this mail to explain my problem and i found it in thesame time. I send it, maybe it will helps someone. In fact the ipruleshave to have as ip source address the VIP and not the realserveradress :


ip rule add from 10.0.22.171 table ftp_table
ip rule add from 10.0.23.100 table http_table

No problem anymore, resolved problem explained below
---

I have installed and configured keepalived (v1.1.13).

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.23.100:http wlc persistent 600
  -> 192.168.15.11:http           Masq    100    0          0
TCP  10.0.22.171:ftp wlc persistent 600
  -> 192.168.15.10:ftp            Masq    100    0          0

I'm trying to manage different services on different VLANs on my loadbalancer.
eth0.26 : vlan 10.0.22.0/24 for ftp
eth0.28 : vlan 10.0.23.0/24 for http

The problem is I can configure only one default route on myloadbalancer. For example, if my default route is 10.0.23.1, requestand reply for http (vlan 10.0.23.0) both going in the good vlan. Butfor ftp, request will be on the good vlan (10.0.22.0) but reply onvlan 10.0.23.0 (my firewall authorizes that for tests) and not10.0.22.0.

I have tried to define some iprules on my loadbalancer to say if thesource ip address is 192.168.15.10, so forward packets to 10.0.22.0network but it seems doesn't work. LVS apparently don't let therouting decisions to the operating system after its own operations...


Here are my iprules :
ip rule add from 192.168.15.10 table ftp_table
ip rule add from 192.168.15.11 table http_table

ip route add default via 10.0.22.1 dev eth0.26 table ftp_table
ip route add default via 10.0.23.1 dev eth0.28 table http_table
ip route flush cache

I also tried that but no more effect :

ip route add default scope global nexthop via 10.0.22.1 dev eth0.26weight 1 nexthop via 10.0.23.1 dev eth0.28 weight 1


Thanks,

François
(and sorry for my english)

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

<Prev in Thread]	Current Thread	[Next in Thread>
Re: LVS Load Balancing, (continued) Re: LVS Load Balancing, Joseph Mack NA3T Re: LVS Load Balancing, Manuel Arostegui Ramirez Keepalived, Upblogger.com Re: Keepalived, Graeme Fowler RE: Keepalived, Upblogger.com RE: Keepalived, Graeme Fowler RE: Keepalived, Upblogger.com RE: Keepalived, Joseph Mack NA3T Keepalived + LVS, Upblogger.com Re: Keepalived + LVS, Manuel Arostegui Ramirez Keepalived + VLAN + iprules, flafolie <= Re: Keepalived + VLAN + iprules, Joseph Mack NA3T Re: Keepalived + VLAN + iprules, flafolie

Previous by Date:	Re: LDIRECTORD: Add external checktype, Simon Horman
Next by Date:	lvs-nat configure issue, ram prakash
Previous by Thread:	Re: Keepalived + LVS, Manuel Arostegui Ramirez
Next by Thread:	Re: Keepalived + VLAN + iprules, Joseph Mack NA3T
Indexes:	[Date] [Thread] [Top] [All Lists]