|
More info:
Last night late, I edited my ipvsadm file and changed my wlc's to sh's, and
then did a ipvsadm-restore. I tested it from a variety of locations, using ssh
and vnc and all looked cool. I verified I always landed on the same box, at
least on a per-protocol level. All was good.
This morning, I'm rudely awakened by developers in the office that are all
getting connection refused from the cluster for everything but telnet. If I do
an iptstate on the director, I see an outbound ESTABLISHED to every client node
on that net to port 80 (I'm not even using this port) from port 58008. I will
admit I did do a nmap -sP to that net to see if I could reach it. Could that be
the port 80 entries? Also the TTL on these outbounds is 119 hours!
Anyway, the question: should I failover tothe spare director to make this
scheduler change?
-C
-----Original Message-----
From: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx on behalf of Christopher Barry
Sent: Wed 4/9/2008 9:28 AM
To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] sh algo w/ NAT?
Does this work? I'm getting people on a network unable to connect.
-C
|
