|
Hi,
I'm facing a problem with accessing services from one realserver (rs_a1)
through the director to another realserver (rs_b1). The setup is
something like this:
VIP_1 VIP_2
+----------+
| director |
+----------+
DIP_1 / \ DIP_2
+-------+ +-------+
V | rs_a1 | | rs_b1 | V
L +-------+ +-------+ L
A +-------+ +-------+ A
N | rs_a2 | | rs_b2 | N
1 +-------+ +-------+ 2
Really simple. Two VIPs on the director, two 'sets' of realservers
behind them, all LVS-NAT. Realservers rs_aX are in a seperate vlan and
have a different network address:
VIP_1 10.0.0.11 DIP_1 192.168.11.1
VIP_2 10.0.0.22 DIP_2 192.168.22.1
rs_aX 192.168.11.0/24 vlan_A
rs_bX 192.168.22.0/24 vlan_B
Now something happens. A realserver in vlan_A wants to access a webpage
that is loadbalanced behind VIP_2. So it does a:
rs_a1 $ wget http://VIP_2/page
And gets a timeout. Probably because the director receives the request
coming from 192.168.11.0/24 for 10.0.0.22 (which it has configured
locally) and forwards it without source NAT'ting it. Pure speculation
here because i can't seem to properly capture the traffic.
I see the request entering DIP_1 from rs_a1 with a destination of VIP_2.
But when i tell nmap to capture traffic (on the director) for the
interface where VIP_2 is configured, i see nothing with either a src_ip
of 192.168.11.0/24 or 10.0.0.11.
Anyone with some insight? :)
Léon
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
