First, my setup: I have 2 SMTP servers and I would like to load balance
them and offer HA using only one public IP. The 2 SMTP servers are in
our DMZ and so the load balancers will also need to be there. The SMTP
servers also can't be modified, other than changing the gateway. My
desired OS is Debian. For testing I am using VMware and have 2 working
SMTP virtual machines, and then one virtual machine director with 2
NICs. Everything is all on the same subnet, smtp1=10.12.1.244,
smtp2=10.12.1.245, director eth1=10.12.1.245 and eth2=10.12.1.246,
client=10.72.1.X (or any other subnet besides 10.12).

This is what I have tried: I set up the director saying eth1 will be the
public side and eth2 will be the private side. I installed on Debian
etch using apt-get install ldirectord-2 and heartbeat-2 and have
heartbeat stopped at the moment to get ldirector working. Everything
seems to come up fine and I then change the gateway on the SMTP server
to be the director eth1. From the SMTP server I can ping the director
and anything in that subnet but nothing outside of that (seems like my
problem but I can't fix it). From the director I can connect to the
SMTP server in any way I want. When I try to connect from another
subnet to the director's eth0, tcpdump on the SMTP server shows me that
the connection is getting there and it's trying to talk back, but nothing
ever actually gets back to my client. I can run ipvsadm on the director
and it shows the connections in the InActConn column.

Any help is most appreciated, and if you need more info to help me let
me know.