Have you checked your firewall configuration? Direct routing is sometimes not
permitted by the network setup; it treats DR like IP spoofing.
I tried DR but it didn't work, but tunneling would surely work. Remember, all the
servers should be under the same router; otherwise your packets would be dropped at the
foreign router.
Configure your Ldirector this way:
negotiatetimeout=10
checktimeout=10
checkinterval=30
checkcount=10
autoreload=no
logfile="/var/log/ldirectord.log"
virtual=yourVIP:443
        real=RS1IP:443 ipip ## this is IPIP encapsulation
        real=RS2IP:443 ipip
        service=https
        request="/www/test.html" # this is the test file Ldirector uses to test the health of the RS
        receive="300"
        scheduler=sh # this scheduler is for source hashing
        protocol=tcp
        checktype=negotiate
virtual=yourVIP:1369 # you may add more than one virtual service in Ldirector
        real=RS1IP:1369 ipip
        real=RS2IP:1369 ipip
        checkport=369
        service=ldap
        request="dc=yourSuffix"
        receive="dc=yourSuffix"
        scheduler=rr # this is for round robin
        protocol=tcp
        checktype=negotiate
Configure the tunnel on your Real Servers like this:
ifconfig tunl0 0.0.0.0 up;
ifconfig tunl0 yourVIP netmask 255.255.255.255 broadcast yourVIP;
echo "1" > /proc/sys/net/ipv4/conf/all/hidden;
echo "1" > /proc/sys/net/ipv4/conf/tunl0/hidden;
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore;
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce;
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore;
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce;
echo "0" > /proc/sys/net/ipv4/conf/tunl0/rp_filter;
echo "1" > /proc/sys/net/ipv4/ip_forward;
/etc/init.d/arno-iptables-firewall stop;
Now start your Ldirector: ldirectord start
Good Luck
Regards
Anil Sharma
On Fri, Feb 20, 2009 at 12:05 PM, Meghanand Acharekar <
vasco.postfix@xxxxxxxxx> wrote:
> Hi,
> I have the following configuration of an LVS cluster.
> All servers in the following configuration have public IPs and can access
> the internet.
>
> I want to setup Linux-DR
>
> Master/ Director
> IP address = 192.168.0.1
> Gateway = 192.168.0.254
> VIP = 192.168.2.1
>
> Realserver 1
> IP Address = 192.168.2.2
> Gateway = 192.168.2.254
> Netmask = 255.255.255.224
>
> Realserver 2
> IP Address = 192.168.2.3
> Gateway = 192.168.2.254
> Netmask = 255.255.255.224
>
>
> All the systems are CENTOS 5.2
>
> I enabled packet forwarding on Director using
> also disabled arp request
>
> My sysctl -p output on the realservers is as follows:
> [root@localhost ~]# sysctl -p
> net.ipv4.ip_forward = 1
> net.ipv4.conf.default.rp_filter = 1
> net.ipv4.conf.default.accept_source_route = 0
> kernel.sysrq = 0
> kernel.core_uses_pid = 1
> net.ipv4.tcp_syncookies = 1
> kernel.msgmnb = 65536
> kernel.msgmax = 65536
> kernel.shmmax = 4294967295
> kernel.shmall = 268435456
> net.ipv4.conf.eth0.arp_ignore = 1
> net.ipv4.conf.eth0.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
>
> I configured the VIP on the Director using the following command:
> ifconfig eth1 192.168.2.1 broadcast 192.168.2.255 netmask 255.255.0.0
>
> I am running smtp service on both the realservers,
>
> Did all stuff with ipvsadm
>
> but still not able to telnet 192.168.2.1 25
>
> it gives me
>
> Trying 216.185.60.11...
> telnet: Unable to connect to remote host: No route to host
>
> but I am able to ping 216.185.60.1
>
> I am not able to find the problem.
>
> Thanks in advance.
>
> Meghanand Acharekar
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
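Added example, not part of either message above: a small shell check that compares a real server's sysctl values with the ARP and rp_filter settings the reply sets for LVS-TUN. The function names and the sample input (a subset of the sysctl -p output quoted in the original post) are chosen here for illustration; the "hidden" keys are left out because they exist only on kernels carrying the hidden patch.

```sh
#!/bin/sh
# Added example: audit real-server sysctl values against the LVS-TUN
# settings from the reply (arp_ignore, arp_announce, rp_filter on tunl0).

# Required key=value pairs, taken from the reply's echo commands.
REQUIRED="net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.all.arp_announce=2 \
net.ipv4.conf.tunl0.arp_ignore=1 net.ipv4.conf.tunl0.arp_announce=2 \
net.ipv4.conf.tunl0.rp_filter=0"

# Reads "key = value" lines (sysctl -a / sysctl -p format) on stdin, prints
# one line per missing or mismatched key, and returns 1 if any were found.
audit_rs_sysctl() {
    awk -v req="$REQUIRED" '
        BEGIN {
            n = split(req, pairs, " ")
            for (i = 1; i <= n; i++) {
                split(pairs[i], kv, "=")
                order[i] = kv[1]; want[kv[1]] = kv[2]
            }
        }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            have[k] = v
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                k = order[i]
                if (!(k in have)) { print "MISSING  " k " (want " want[k] ")"; bad = 1 }
                else if (have[k] != want[k]) { print "MISMATCH " k " = " have[k] " (want " want[k] ")"; bad = 1 }
            }
            exit bad
        }'
}

# Sample input: subset of the sysctl -p output quoted in the original post.
sample_sysctl() {
    cat <<'EOF'
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
EOF
}

sample_sysctl | audit_rs_sysctl || true   # reports the three tunl0 keys as MISSING
```

On a live real server the same function can be fed with: sysctl -a 2>/dev/null | audit_rs_sysctl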