The docs on the web site seem to be a little bit out of date, so I figured I'd
hit the mailing list to try to find some help with my problem. First, here's
what I'm trying to do:
- I have a half-dozen Windows-based virtual machines (XEN) that I need to
load-balance between. In the past, I've been using the direct route method,
but I've run into some issues - some very strange behavior (like my IPVS
director deciding to send out RSET packets to all of the clients at seemingly
random intervals).
- The IPVS director is also a Xen domU (VM), running SuSE Linux.
Having had issues in the past with the DR method, I decided to try my luck at
the NAT method. So, I enabled IP forwarding on my director:
sysctl net.ipv4.ip_forward=1
added a virtual IP address:
ifconfig eth0:2 <virtual IP>
added an iptables nat rule:
iptables -t nat -A POSTROUTING -s 172.16.34.0/24 -j SNAT --to-source <virtual IP>
and updated the IPVS service table:
ipvsadm -A -t <virtual IP>:1234 -s wlc
ipvsadm -a -t <virtual IP>:1234 -r 172.16.34.10:1234 -m -x 1
Inside this particular Windows machine, I set the default route to the IP of
the director (172.16.34.1). If I ping an IP address elsewhere on my network,
packets appear to be routed correctly and a look at the output of "iptables -t
nat -nvL" shows the packet counters for the rule I added in the POSTROUTING
table incrementing properly. However, if I try to connect to the virtual IP
address on the port 1234, the connection never gets established. A packet dump
shows the traffic going from the source machine (my laptop) to the director,
and then being passed on to the Windows machine. I also see return packets from
the Windows machine go back to the IPVS director, however, after that they just
get "lost" - the counters in iptables do not increment, nor do the packets ever
show up on the outside interface. Is there something I'm doing wrong to get
this setup to work? I'm following the configuration guide for the 2.4 kernel
stuff from the linuxvirtualserver.org web site, since this is the closest I
can find to current kernel versions.
Thanks,
Nick
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users