Re: LVS-NAT and BIND

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS-NAT and BIND
From: "Chad Morland" <cmorland@xxxxxxxxx>
Date: Fri, 1 Jun 2007 11:22:58 -0400
Thanks for the reply.

We also have LVS-DR on our network so I reconfigured the DNS machine to work
with those balancers.

It is working as expected now.

-CM

On 6/1/07, Sal Tepedino <stepedino@xxxxxxxxxxxxxx> wrote:
>
> On Fri, 2007-06-01 at 08:18 -0400, Chad Morland wrote:
>
> > I have one ldirectord with the VIP of 10.10.1.101 and so far only one RS
> > with the IP of 10.10.1.198.
>
> Seems you're using LVS NAT where your director and real servers are on
> the same network, so what's happening is that the query comes in to the
> director, gets routed to the real server, then the real server either
> can directly reply to the client (If your client is on the same network
> as well) or the real server's gateway is the gateway for the 10.10.1.0
> network, so it's able to send the packet directly back to the client.
> The client's expecting a response from the director, where it sent the
> query, but instead is getting the response from the real server.
>
> You'll either need to A: Put the real servers on their own network
> behind the real servers (the proper configuration for LVS NAT) or you'll
> need to configure for LVS DR, which would require some ARP fixing on the
> real servers and binding of the VIP to localhost (Also on the real
> servers). Which you choose depends on your network setup...
>
> > $ dig @10.10.1.101 tor.prod
> > ;; reply from unexpected source: 10.10.1.198#53, expected 10.10.1.101#53
> >
> > ; <<>> DiG 9.2.4 <<>> @10.10.1.101 tor.prod
> > ;; global options:  printcmd
> > ;; connection timed out; no servers could be reached
> >
> > virtual=10.10.1.101:53
> >         real=10.10.1.198:53 masq
> >         request="www.prod"
> >         receive="10.10.1.145"
> >         service=dns
> >         scheduler=wlc
> >         protocol=udp
> >
> >
> > Is this a BIND misconfig or something to do with LVS /udp packets?
> >
> > -CM
> > _______________________________________________
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> --
> Sal Tepedino <stepedino@xxxxxxxxxxxxxx>
>
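
Added example, not part of the thread or of the LVS project: a Python check that reads the ldirectord stanza quoted above and reports masq (LVS-NAT) real servers whose replies would reach the client without passing back through the director, the condition Sal describes. The /24 prefix, the gateway 10.10.1.1, the client addresses and all function names are assumptions made for illustration.

```python
import ipaddress

# ldirectord stanza as quoted in the thread.
LDIRECTORD_CF = """\
virtual=10.10.1.101:53
        real=10.10.1.198:53 masq
        request="www.prod"
        receive="10.10.1.145"
        service=dns
        scheduler=wlc
        protocol=udp
"""

def parse_masq_pairs(cf_text):
    """Return (vip, real_ip) for every real server forwarded with masq (LVS-NAT)."""
    pairs, vip = [], None
    for raw in cf_text.splitlines():
        line = raw.strip()
        if line.startswith("virtual="):
            vip = line.split("=", 1)[1].rsplit(":", 1)[0]
        elif line.startswith("real=") and vip:
            fields = line.split("=", 1)[1].split()
            if len(fields) > 1 and fields[1] == "masq":
                pairs.append((vip, fields[0].rsplit(":", 1)[0]))
    return pairs

def reply_path(client, real_ip, real_prefix, real_gateway, director_ips):
    """Classify how the real server's reply gets back to the client."""
    # Only a reply that transits the director has its source rewritten to the VIP.
    net = ipaddress.ip_network(f"{real_ip}/{real_prefix}", strict=False)
    if ipaddress.ip_address(client) in net:
        return "direct-on-link"        # client is on the real server's subnet
    if real_gateway not in director_ips:
        return "via-other-gateway"     # routed out past the director
    return "via-director"              # source gets rewritten to the VIP

def audit(cf_text, client, real_prefix, real_gateway, director_ips):
    """List (vip, real, path) for masq real servers whose replies skip the director."""
    findings = []
    for vip, real in parse_masq_pairs(cf_text):
        path = reply_path(client, real, real_prefix, real_gateway, director_ips)
        if path != "via-director":
            findings.append((vip, real, path))
    return findings

if __name__ == "__main__":
    # Constructed values: /24 prefix, gateway 10.10.1.1, client 10.10.1.50.
    for vip, real, path in audit(LDIRECTORD_CF, "10.10.1.50", 24, "10.10.1.1", {"10.10.1.101"}):
        print(f"{real} answers {path}; client expects {vip}")
```

Any finding means the client will see the real server's address as the reply source, which is what dig reports as "reply from unexpected source".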
