Re: [lvs-users] Can't make LVS work on Centos 5

["Amos Shapira" <amos.shapira@xxxxxxxxx>]

Another piece of information I forgot to add, output of ipvsadm -L -n when a
client is connect (but not receiving any output from the server):

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.82:80 rr persistent 600
  -> 192.168.0.85:80              Route   1      1          0
  -> 192.168.0.84:80              Local   1      0          0

And "netstat -tn" on the non-ldirector server time:

# netstat -tn | sed -e 's/74\.54\.241/192.168.0/g'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address
State
tcp        0      0 192.168.0.82:80             220.233.95.244:51931
SYN_RECV


Thanks,

--Amos

On Thu, May 29, 2008 at 5:20 PM, Amos Shapira <amos.shapira@xxxxxxxxx>
wrote:

> On Thu, May 29, 2008 at 11:10 AM, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:
>
>> On Thu, 29 May 2008, Amos Shapira wrote:
>>
>> > Are the two different subnets a problem at all for any LVS
>> configuration?
>>
>> read the entry in the HOWTO
>>
>> >> don't need this
>> >
>> > Is this answer correct only for LVS-NAT or is it also for LVS-DR?
>>
>> you don't understand what's going on, so yes or no
>> at not answers
>
>
> OK, I did another round of "scrap it all and start again" and now this is
> where I stand:
>
> I followed the instructions in
> http://www.ultramonkey.org/3/topologies/hc-ha-lb-eg.html just to see that
> I can get it to work.
>
> The current setup is:
> ldirectord runs on 192.168.0.84/28 as master
> ldirectord runs on 192.168.0.65/28 (also has 192.168.0.85/28 assigned to
> its eth0 with direct call to "ip add") as backup.
> ipvsadm on the master ldirectord:
> # ipvsadm -L -n
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  192.168.0.82:80 rr persistent 600
>   -> 192.168.0.85:80              Route   1      0          0
>   -> 192.168.0.84:80              Local   1      0          0
> ipvsadm on the backup ldirectord:
> # ipvsadm -L -n
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
>
> # ip a s eth0 (on ldirectord)
> 7: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>     link/ether 00:1e:4f:0f:64:b2 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.0.84/28 brd 192.168.0.95 scope global eth0
>     inet 192.168.0.82/28 brd 192.168.0.95 scope global secondary eth0
>     inet6 fe80::21e:4fff:fe0f:64b2/64 scope link
>        valid_lft forever preferred_lft forever
>
> # ip a s eth0 (on non-ldirectord)
> 7: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
>     link/ether 00:1e:4f:0f:b1:37 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.0.68/28 brd 192.168.0.79 scope global eth0
>     inet 192.168.0.85/28 brd 192.168.0.95 scope global eth0:0
>     inet6 fe80::21e:4fff:fe0f:b137/64 scope link
>        valid_lft forever preferred_lft forever
>
> # ip a s lo (on ldirectord)
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
>
> # ip a s lo (on non-ldirector)
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>     inet 192.168.0.82/32 brd 255.255.255.255 scope global lo
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
>
> # arptables -L -v -n (on non-ldirector)
> Chain IN (policy ACCEPT 113 packets, 3164 bytes)
>  pkts bytes target     in     out     source-ip
> destination-ip       source-hw          destination-hw     hlen   op
> hrd        pro
>     0     0 DROP       *      *       0.0.0.0/0            192.168.0.82
> 00/00              00/00              any    0000/0000  0000/0000  0000/0000
>
> Chain OUT (policy ACCEPT 78 packets, 2184 bytes)
>  pkts bytes target     in     out     source-ip
> destination-ip       source-hw          destination-hw     hlen   op
> hrd        pro
>     0     0 mangle     *      eth0    192.168.0.82         0.0.0.0/0
> 00/00              00/00              any    0000/0000  0000/0000  0000/0000
> --mangle-ip-s 192.168.0.68
>
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target     in     out     source-ip
> destination-ip       source-hw          destination-hw     hlen   op
> hrd        pro
>
> arptable on ldirectord is stopped.
>
> # arp -n (on ldirectord)
> Address                  HWtype  HWaddress           Flags Mask
> Iface
> 192.168.0.81             ether   00:1E:13:CA:4A:7F   C
> eth0
> 192.168.0.85             ether   00:1E:4F:0F:B1:37   C
> eth0
>
> # arp -n (on non-ldirector)
> Address                  HWtype  HWaddress           Flags Mask
> Iface
> 192.168.0.81             ether   00:1E:13:CA:4A:7F   C
> eth0
> 192.168.0.84             ether   00:1E:4F:0F:64:B2
> C                      eth0
> 192.168.0.85             ether   00:1E:4F:0F:B1:37   C
> eth0
>
> What I see in tcpdump on the ldirectord when I connect from an outside
> client is:
>
> # tcpdump -nn host 233.220.244.95 and not port 22
> tcpdump: WARNING: peth0: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on peth0, link-type EN10MB (Ethernet), capture size 96 bytes
> 02:08:09.138227 IP 233.220.244.95.62649 > 192.168.0.82.80: S
> 2886883892:2886883892(0) win 5840 <mss 1402,sackOK,timestamp 282486030
> 0,nop,wscale 7>
> 02:08:09.138360 IP 192.168.0.82.80 > 233.220.244.95.62649: S
> 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp
> 23361075 282486030,nop,wscale 7>
> 02:08:09.345026 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46
> <nop,nop,timestamp 282486082 23361075>
> 02:08:13.137254 IP 192.168.0.82.80 > 233.220.244.95.62649: S
> 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp
> 23362075 282486082,nop,wscale 7>
> 02:08:13.353012 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46
> <nop,nop,timestamp 282487082 23362075,nop,nop,sack 1 {0:1}>
> 02:08:19.337641 IP 192.168.0.82.80 > 233.220.244.95.62649: S
> 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp
> 23363625 282487082,nop,wscale 7>
> 02:08:19.557727 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46
> <nop,nop,timestamp 282488632 23363625,nop,nop,sack 1 {0:1}>
> 02:08:31.338386 IP 192.168.0.82.80 > 233.220.244.95.62649: S
> 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp
> 23366625 282488632,nop,wscale 7>
> 02:08:31.546088 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46
> <nop,nop,timestamp 282491632 23366625,nop,nop,sack 1 {0:1}>
> 02:08:35.174715 IP 233.220.244.95.62649 > 192.168.0.82.80: FP 26:40(14) ack
> 1 win 46 <nop,nop,timestamp 282492539 23366625>
> 02:08:35.174749 IP 192.168.0.82.80 > 233.220.244.95.62649: . ack 1 win 46
> <nop,nop,timestamp 23367584 282491632,nop,nop,sack 1 {26:41}>
>
> The client's "telnet" reports that it connected to the server but I don't
> get a response from the server when I type in an HTTP request.
>
> Any ideas?
>
> Thanks.
>
> --Amos
>
>