|
No dice so far.
I am getting 'connection refused' when I attempt to connect to the VIP on
port 80 (which is the LVS VIP port).
I can see the connection on loopback, but not on eth0:1 (the VIP interface):
17:59:38.053548 00:00:00:00:00:00 > 00:00:00:00:00:00, ethertype IPv4
(0x0800), length 66: 192.168.10.13.56148 > 192.168.10.13.80: S
2993458444:2993458444(0) win 32792 <mss 16396,nop,nop,sackOK,nop,wscale 7>
E..4..@.@.....
but that is as far as it gets. No packets leave the box.
I can connect to port 80 ok on the realserver real IPs from the director.
I can see the iptables fwmark rule (-A OUTPUT -d 172.16.1.10 -p tcp -m tcp
--dport 80 -j MARK --set-mark 0x2) incrementing as it marks the packet.
I am using kernel 2.6.18 (RHEL) and ipvsadm v1.24 2005/12/10 (compiled with
popt and IPVS v1.2.1).
The config is as follows:
*Director/client box:*
eth0 192.168.10.140 (real IP)
eth0:1 192.168.10.13 (VIP)
iptables rules:
*mangle
-A OUTPUT -d 192.168.10.13 -p tcp -m tcp --dport 80 -j MARK --set-mark 0x2
COMMIT
*nat
-A PREROUTING -d 192.168.10.140 -p tcp -m tcp --dport 80 -j REDIRECT
--to-ports 3128
ip rule show:
0: from all lookup 255
100: from all fwmark 0x2 lookup VIP
32766: from all lookup main
32767: from all lookup default
ip route list table 100
local default dev lo scope host
I'm using keepalived to configure. Config:
-------------8<----------------
! Configuration File for keepalived
global_defs {
router_id LVS_ANON
}
virtual_server 192.168.10.13 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
!persistence_timeout 50
protocol TCP
real_server 192.168.10.41 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.10.208 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 300000
delay_before_retry 300000
}
}
}
-----------------8<--------
*Realservers:*
realserver1:
eth0 192.168.10.41
lo:0 192.168.10.13
realserver2:
eth0 192.168.10.208
lo:0 192.168.10.41
On both realservers, I have set arp to '1' in ignore for
/proc/sys/net/ipv4/conf/all/arp_ignore and
/proc/sys/net/ipv4/conf/eth0/arp_ignore
and '2' for /proc/sys/net/ipv4/conf/all/arp_announce
/proc/sys/net/ipv4/conf/eth0/arp_announce
So it looks like packets are still not getting past lo interface into IPVS.
Clearly I am doing something wrong here - further suggestions very welcome!
Campbell
On Sun, Sep 6, 2009 at 11:03 PM, campbell mcleay <
campbell.mcleay@xxxxxxxxxxxxxx> wrote:
> Hi Joe,
>
> Ah, no I had missed that :)
>
> It looks like the patch is in ip_vs_core.c, so I will try the ip tables and
> iproute2 rules and see how I go
>
> Many thanks,
>
> Campbell
>
>
> On Sun, Sep 6, 2009 at 9:02 PM, Joseph Mack NA3T <jmack@xxxxxxxx> wrote:
>
>> On Sun, 6 Sep 2009, campbell mcleay wrote:
>>
>> > Hi,
>> >
>> > I am attempting to set up an LVS director which will also be the origin
>> of
>> > the client requests.
>>
>> have you read the section in the HOWTO on the client being
>> on the director?
>>
>> Joe
>>
>> --
>> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
>> jmack (at) wm7d (dot) net - azimuthal equidistant map
>> generator at http://www.wm7d.net/azproj.shtml
>> Homepage http://www.austintek.com/ It's GNU/Linux!
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
