Re: [lvs-users] tftp service and firewall mark

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] tftp service and firewall mark
From:	Simon Horman <horms@xxxxxxxxxxxx>
Date:	Mon, 28 Sep 2009 21:39:48 +1000

On Mon, Sep 28, 2009 at 01:23:17PM +0200, Hannes Eder wrote:
> On Mon, Sep 28, 2009 at 13:02, Simon Horman <horms@xxxxxxxxxxxx> wrote:
> > On Mon, Sep 28, 2009 at 12:10:10PM +0200, Nicolas Haller wrote:
> >> Hi all,
> >>
> >> I try to loadbalance a tftp service. For this, I try to add some mangle
> >> rules.
> >>
> >> The conf from ipvsadm is:
> >> FWM  1 wlc persistent 120
> >>   -> braille.nerim.net:69         Tunnel  1      0          0
> >>   -> morse.nerim.net:69           Tunnel  0      0          0
> >>
> >> and iptables is empty but have these two lines:
> >> Chain PREROUTING (policy ACCEPT 217M packets, 64G bytes)
> >>  pkts bytes target     prot opt in     out     source               
> >> destination
> >>    30  1470 MARK       udp  --  eth0   any     anywhere             
> >> lo-nc.nerim.net     udp dpt:tftp MARK xset 0x1/0xffffffff
> >>     0     0 MARK       udp  --  eth0   any     anywhere             
> >> lo-nc.nerim.net     udp dpts:1024:65535 MARK xset 0x1/0xffffffff
> >>
> >> So, when I test, lvs said:
> >>
> >> Sep 28 11:55:05 balancoire-1v kernel: [1121193.129497] IPVS: lookup/in UDP 
> >> 213.251.170.39:52249->194.79.128.129:69 not hit
> >> Sep 28 11:55:05 balancoire-1v kernel: [1121193.129514] IPVS: lookup/out 
> >> UDP 213.251.170.39:52249->194.79.128.129:69 not hit
> >> Sep 28 11:55:05 balancoire-1v kernel: [1121193.129529] IPVS: lookup 
> >> service: fwm 1 UDP 194.79.128.129:69 hit
> >> Sep 28 11:55:05 balancoire-1v kernel: [1121193.129545] IPVS: p-schedule: 
> >> src 213.251.170.39:52249 dest 194.79.128.129:69 mnet 213.251.170.39
> >> Sep 28 11:55:05 balancoire-1v kernel: [1121193.129561] IPVS: template 
> >> lookup/in IP 213.251.170.39:0->0.0.0.1:0 not hit
> >>
> >> So, lvs see the mark and the packet but it don't send the packet into ip-ip
> >> tunnel and the director send an ICMP udp port unreachable back to the 
> >> client.
> >>
> >> Someone can help me?
> >
> > Try inserting the ip_vs_ftp kernel module.
> 
> I am pretty sure that the ip_vs_ftp module will not help with _t_ftp.

Ooops. Yes, I think you are right there :-)


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] tftp service and firewall mark, Nicolas Haller Re: [lvs-users] tftp service and firewall mark, Simon Horman Re: [lvs-users] tftp service and firewall mark, Hannes Eder Re: [lvs-users] tftp service and firewall mark, Simon Horman <= Re: [lvs-users] tftp service and firewall mark, Graeme Fowler Re: [lvs-users] tftp service and firewall mark, Nicolas Haller Re: [lvs-users] tftp service and firewall mark, Graeme Fowler Re: [lvs-users] tftp service and firewall mark, Nicolas Haller

Previous by Date:	Re: [lvs-users] tftp service and firewall mark, Graeme Fowler
Next by Date:	Re: [lvs-users] tftp service and firewall mark, Nicolas Haller
Previous by Thread:	Re: [lvs-users] tftp service and firewall mark, Hannes Eder
Next by Thread:	Re: [lvs-users] tftp service and firewall mark, Graeme Fowler
Indexes:	[Date] [Thread] [Top] [All Lists]