[lvs-users] LVS-Tun problem

["Grasmo, Johan" <johan@xxxxxxxxxxxxxxxxx>]

Hi,

This is my first post to this list as I'm trying to setup a simple
LVS-TUN solution. Sorry for this lengthy email but at the moment I'm
kinda stuck..

In my setup I have one director and two clients with the current layout:


                        +-----------+
                        |               |
                        | Client        |
                        |               |
                        +-----------+
                                |
                                |
                                |       +-----------+
                                |       |               |
                                +-----|Director |
                                |       |               |
                                |       +-----------+
                                |
        +-----------------+-----------------+
        |                                               |
+-----------+                           +-----------+
|               |                               |               |
|RS1            |                               |RS2            |
|               |                               |               |
+-----------+                           +-----------+


Each server (Director, RS1, RS2) have 2 NICS where eth0 is configured
with a LAN address (172.24.x.x) and eth1 is configured with a public IP
address.
The VIP on the director is configured on eth1:1 and on tunl0 on the real
servers (Ifconfig tunl0 82.117.x.x netmask 255.255.255.255 broadcast
82.117.x.x)

Uname for the servers: 
Director: Linux <foobar> 2.6.22.9-server-1mdv #1 SMP
RealServers: Linux <foobar> 2.6.22-6mdv #1 SMP

I've installed keepalived on the director with the following in
keepalived.conf:
global_defs {
        notification_email {
                johan@xxxxxxxxxxxxxxxxx
        }
        notification_email_from keepalived@.allerinternett.no }
virtual_server 82.117.50.203 23 {
        delay_loop 30
        lb_algo wrr
        lb_kind TUN
        persistence_timeout 50
        protocol TCP

        real_server 82.117.50.153 23 {
                weight 1
        }
        real_server 82.117.50.154 23 {
                weight 1
        }

}

It's a pretty straightforward setup. I encountered the ARP-problem but
the following in /etc/sysctl.conf seems to have corrected that:

net.ipv4.conf.tunl0.arp_ignore=1
net.ipv4.conf.tunl0.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2

My next problem is when I telnet to the VIP. I get the following message
in /var/log/messages on the real servers:

Nov  6 09:44:25 web4 kernel: martian source 82.117.50.203 from
82.117.50.129, on dev tunl0 Nov  6 09:44:25 web4 kernel: ll header:
45:00:00:44:00:00:40:00:7e:04:f2:6a:52:75:32:c8:52:75:32:99:45:00:00:30:
a8:42:40:00:7e:06:4a:4f:52:75:32:81:52:75:32:cb:e5:2c:00:17:56:08:19:eb:
00:00:00:00:70:02:ff:ff:23:b2:00:00:02:04:05:b4:01:01:04:02:ad:3e:24:10:
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:84:91:95:f8:
41:43:41:43:41:43:41:43:41:43:41:42:4f:00:ff:53:4d:42:25:00

>From what I've read (http://www.ssi.bg/~ja/,
http://docs.huihoo.com/hpc-cluster/linux-virtual-server/HOWTO/LVS-HOWTO.
LVS-DR.html#LVS-DR_director_default_gw) I need to patch the kernel but
is this really neccessary?

At this point I'm "stuck" so all feedback is appreciated.

Cheers,

Johan