|
Nothing in the logs about that -- the only thing was in the
piranha/piranha-gui log about:
[Tue Mar 30 18:05:21 2010] [error] [client xxx.xxx.xxx.xxx] PHP Notice:
Undefined index: sorry_server in
/etc/sysconfig/ha/web/secure/virtual_edit_virt.php on line 262, referer:
http://lvs.domain.com:3636/secure/virtual_main.php
ipvsadm -L -n :
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.174:80 wlc
-> 192.168.1.153:80 Route 1 0 0
On 3/30/2010 6:21 PM, Anoop Bhat wrote:
> Check the logs...
>
> See if there are entries about timeouts/read timeouts
>
> What is the output of ipvsadm -L -n on the lvs server?
>
> Anoop Bhat
> Systems Administrator
> Trustwave
> 70 W. Madison
> Chicago, IL, 60602
> O: 312.873.7446
> C: 312.925.3271
>
>
>
> ________________________________
> From: James Chase<james@xxxxxxxxxxxxxxxxxxx>
> Reply-To: "LinuxVirtualServer.org users mailing
> list."<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
> Date: Tue, 30 Mar 2010 17:14:38 -0500
> To:<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
> Subject: Re: [lvs-users] CentOS 5 apache real servers don't respond
>
> Here it is. The page requests from my browser arrives at the LVS and I
> see it in tcpdump but it doesn't appear to get forwarded to the apache
> real server. The only traffic I see between the apache real server and
> the LVS is the period checks to see if the apache service is running. So
> perhaps there is actually something wrong with the LVS.
> *
> arptables -L on apache real server:*
>
> Table: filter
>
> Chain IN (policy ACCEPT)
>
> target source-ip destination-ip source-hw
> destination-hw hlen op hrd pro
>
> DROP anywhere 192.168.1.174 anywhere
> anywhere any any any any
>
> Chain OUT (policy ACCEPT)
>
> target source-ip destination-ip source-hw
> destination-hw hlen op hrd pro
>
> mangle anywhere 192.168.1.174 anywhere
> anywhere any any any any --mangle-ip-s
> 192.168.1.153
>
> Chain FORWARD (policy ACCEPT)
>
> target source-ip destination-ip source-hw
> destination-hw hlen op hrd pro
>
>
> *lvs.cf*
>
> serial_no = 41
>
> primary = 192.168.1.169
>
> primary_private = 192.168.1.30
>
> service = lvs
>
> backup_active = 1
>
> backup = 192.168.1.171
>
> backup_private = 192.168.1.31
>
> heartbeat = 1
>
> heartbeat_port = 539
>
> keepalive = 6
>
> deadtime = 18
>
> network = direct
>
> nat_nmask = 255.255.255.0
>
> debug_level = NONE
>
> monitor_links = 0
>
> syncdaemon = 0
>
> virtual HTTP {
>
> active = 1
>
> address = 192.168.1.174 eth0:1
>
> vip_nmask = 255.255.255.0
>
> port = 80
>
> send = "GET / HTTP/1.0\r\n\r\n"
>
> expect = "HTTP"
>
> use_regex = 0
>
> load_monitor = none
>
> scheduler = wlc
>
> protocol = tcp
>
> timeout = 60
>
> reentry = 15
>
> quiesce_server = 1
>
> server APACHE1 {
>
> address = 192.168.1.153
>
> active = 1
>
> weight = 1
>
> }
>
> }
>
>
>
> *apache real server networking (eth0:2 is the VIP):*
>
> eth0 Link encap:Ethernet HWaddr 00:50:56:A1:36:11
>
> inet addr:192.168.1.153 Bcast:192.168.1.255 Mask:255.255.255.0
>
> inet6 addr: fe80::250:56ff:fea1:3611/64 Scope:Link
>
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> RX packets:353659 errors:0 dropped:0 overruns:0 frame:0
>
> TX packets:250796 errors:0 dropped:0 overruns:0 carrier:0
>
> collisions:0 txqueuelen:1000
>
> RX bytes:65427023 (62.3 MiB) TX bytes:211251658 (201.4 MiB)
>
> eth0:1 Link encap:Ethernet HWaddr 00:50:56:A1:36:11
>
> inet addr:192.168.1.175 Bcast:192.168.1.255 Mask:255.255.255.0
>
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> eth0:2 Link encap:Ethernet HWaddr 00:50:56:A1:36:11
>
> inet addr:192.168.1.174 Bcast:192.168.1.255 Mask:255.255.255.0
>
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
>
> On 3/30/2010 5:40 PM, Anoop Bhat wrote:
>
>> I'm assuming you're using arptbles_jf?
>>
>> Is that setup correctly?
>>
>> Can you provide the arptables -L output from the real server and the snippet
>> from lvs.cf that applies?
>>
>>
>> Anoop Bhat
>>
>>
>> ________________________________
>> From: James Chase<james@xxxxxxxxxxxxxxxxxxx>
>> Reply-To: "LinuxVirtualServer.org users mailing
>> list."<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>> Date: Tue, 30 Mar 2010 16:35:32 -0500
>> To:<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>> Subject: Re: [lvs-users] CentOS 5 apache real servers don't respond
>>
>> For now I am just trying to get a simple html page to load. I am
>> listening on all IP's and I did restart apache after adding the Virtual
>> IP to my apache real server just to make sure it was listening on that
>> IP now as well.
>>
>> I am using a virtual server setup (many sites on one IP) in apache, if
>> it matters.
>>
>> Anyone have any thoughts about my direct routing concerns and the setup
>> for that?
>>
>> On 3/30/2010 5:11 PM, Anoop Bhat wrote:
>>
>>
>>> I also had this issue at one point in time.
>>>
>>> Are you trying to do SSL virtual servers?
>>>
>>> I thought I fixed my issue by ensuring that the real apache servers were
>>> listening on all IP addresses on port 80/443.
>>>
>>> Anoop Bhat
>>> Systems Administrator
>>> Trustwave
>>> 70 W. Madison
>>> Chicago, IL, 60602
>>> O: 312.873.7446
>>> C: 312.925.3271
>>>
>>>
>>>
>>> ________________________________
>>> From: James Chase<james@xxxxxxxxxxxxxxxxxxx>
>>> Reply-To: "LinuxVirtualServer.org users mailing
>>> list."<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>>> Date: Tue, 30 Mar 2010 16:03:57 -0500
>>> To:<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
>>> Subject: [lvs-users] CentOS 5 apache real servers don't respond
>>>
>>> I am trying to setup LVS on CentOS 5.4 using piranha/pulse. Ideally (I
>>> think) I would like to do direct routing so that I can still have my
>>> real servers (apache machines) able to connect directly to the internet.
>>>
>>> However, I'm not able to get the apache servers to respond correctly to
>>> the Virtual IP requests. From tcpdump it seems like the requests are
>>> being forwarded to the real server from the LVS but I don't get the page
>>> returned to me in my browser, and I don't see the request being sent out
>>> in tcpdump on the apache real server. I believe I have the virtual IP
>>> setup correctly on the real server.
>>>
>>> As a caveat though, if the real server responds and the apache server
>>> response goes out on it's external IP (which would be different than the
>>> Virual IP) -- isn't my firewall going to block that connection since it
>>> is not the IP of the connection I originally tried to establish?
>>>
>>> I also tried NAT briefly but was not able to get a connection there
>>> either. Is NAT the suggested way of doing this? It seems like indirect
>>> routing would be inconvenient/difficult if you had many virtual servers
>>> on the real apache servers and multiple SSL sites running as well.
>>>
>>> Thanks,
>>> James
>>>
>>>
>>> _______________________________________________
>>> Please read the documentation before posting - it's available at:
>>> http://www.linuxvirtualserver.org/
>>>
>>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Please read the documentation before posting - it's available at:
>>> http://www.linuxvirtualserver.org/
>>>
>>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>>
>>>
>>>
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>>
>>
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
>
>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
