|
On Sat, 21 Mar 2009, Graeme Fowler wrote:
> What you'll need to do is as follows:
>
> # /sbin/ip address add 10.9.3.6/32 dev eth0
> # /sbin/ipvsadm -A -t 10.9.3.6:80 -s rr
> # /sbin/ipvsadm -a -t 10.9.3.6:80 -r 10.9.3.1:80 -w 100 -m
> # /sbin/ipvsadm -a -t 10.9.3.6:80 -r 10.9.3.2:80 -w 100 -m
>
> That then gets you a very basic virtual server on 10.9.3.6:80/tcp which
> has realservers on port 80/tcp on addresses 10.9.3.1 and 10.9.3.2, using
> the "masquerade" method (LVS-NAT). The prerequisite for this is that the
> realservers have a default gateway address pointing to the director, ie.
> 10.9.3.6.
>
> Once you have this set up, you can try to access the VIP from a client
> which is *not on the same LAN as the VIP or the realservers*. This is a
> key point - the return traffic MUST go back via the director in LVS-NAT
> or the SYN/AYN-ACK/ACK handshake will fail.
>
> Please try this and let us know how you get on.
Okay, I did that, and the result is -- improved? I think?
I can see the HTTP request in the logs of one of the real servers. So
the request gets that far. But the response apparently never reaches
the client; curl just sits waiting until it finally times out. I
_was_ testing from a different subnet. I can ping the client from the
real servers, so at least some of the networking magic appears to be
working fine.
Chris St. Pierre
Unix Systems Administrator
Nebraska Wesleyan University
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
