
Re: [lvs-users] Another newbie question

To: Romain Meillon <r.meillon@xxxxxxxxxxxx>
Subject: Re: [lvs-users] Another newbie question
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Julian Anastasov <ja@xxxxxx>
Date: Wed, 13 Apr 2011 23:39:30 +0300 (EEST)
        Hello,

On Wed, 13 Apr 2011, Romain Meillon wrote:

> Hello,
> 
> Before posting here I searched on Google and followed the howto on
> this page: http://www.ssi.bg/~ja/L4-NAT-HOWTO.txt without success.
> 
> I'm trying to configure IPVS 1.2.1 (Debian squeeze) in a simple way

        What is the kernel version and how is IPVS
configured?

uname -a
grep IP_VS .config

> for SMTP and HTTP services (just one real server for the moment)
> for a future use with ldirectord:
> 
> Client <--internet--> IPVS <--LAN--> Real Server (10.254.0.100)
> 
> Not really difficult, I need masquerade, just put this in ipvsadm:
> 
> /sbin/ipvsadm -A -t <PUB_IP>:25 -s rr
> /sbin/ipvsadm -a -t <PUB_IP>:25 -r 10.254.0.100:25 -m -w 1
> 
> /sbin/ipvsadm -A -t <PUB_IP>:80 -s rr
> /sbin/ipvsadm -a -t <PUB_IP>:80 -r 10.254.0.100:25 -m -w 1
> 
> Netfilter (+ ip_forward=1) :
> iptables -t nat -A POSTROUTING -s 10.254.0.100/24 -j MASQUERADE
> 
> The real server has the IPVS as default gateway and can ping the
> client. If I telnet to the real server from IPVS, I get the expected
> results (SMTP CLI, or HTTP code).
> 
> From an internet client, the connection is established, but the
> service does not answer correctly: telnet stays empty or the web browser
> waits for the IPVS without getting any HTTP code.
> 
> # ipvsadm -L
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  <PUB_IP>:smtp rr
>   -> 10.254.0.100:smtp            Masq    1      0          0
> TCP  <PUB_IP>:www rr
>   -> 10.254.0.100:www             Masq    1      0          1
> 
> Here is the tcpdump output on LVS when the client tries to telnet to the
> SMTP service, same when I try to open a web page:
> 
> 16:21:36.176384 IP <CLIENT_IP>.59643 > 10.254.0.100.25: Flags [S], seq
> 479176996, win 8192, options [mss 1460,nop,nop,sackOK], length 0
> 16:21:36.176757 IP 10.254.0.100.25 > <CLIENT_IP>.59643: Flags [S.],
> seq 1080015144, ack 479176997, win 5840, options [mss
> 1460,nop,nop,sackOK], length 0
> 16:21:36.223255 IP <CLIENT_IP>.59643 > 10.254.0.100.25: Flags [.], ack
> 1, win 64240, length 0

        ACK means TCP connection is established.

> 16:21:36.226166 IP 10.254.0.100.25 > <CLIENT_IP>.59643: Flags [P.],
> seq 1:49, ack 1, win 5840, length 48
> 16:21:39.222989 IP 10.254.0.100.25 > <CLIENT_IP>.59643: Flags [P.],
> seq 1:49, ack 1, win 5840, length 48
> 16:21:45.223284 IP 10.254.0.100.25 > <CLIENT_IP>.59643: Flags [P.],
> seq 1:49, ack 1, win 5840, length 48

        Can you check on the client whether the above packets are
received with checksum errors? Add -v to tcpdump on the client
box and on the other boxes too. I assume the above output shows
only traffic between real server and director.

        Also, when testing DR mode the arp_ignore and
arp_announce flags should be configured on ethernet
devices, not on loopback. This is different from the
hidden flag that was used before.

> and the tcpdump from the real server :
> 
> 16:31:55.428339 IP <CLIENT_IP>.59856 > 10.254.0.100.25: S
> 4217040225:4217040225(0) win 8192 <mss 1460,nop,nop,sackOK>
> 16:31:55.428402 IP 10.254.0.100.25 > <CLIENT_IP>.59856: S
> 2200826876:2200826876(0) ack 4217040226 win 5840 <mss
> 1460,nop,nop,sackOK>
> 16:31:55.474609 IP <CLIENT_IP>.59856 > 10.254.0.100.25: . ack 1 win 64240
> 16:31:55.505497 IP 10.254.0.100.25 > <CLIENT_IP>.59856: P 1:49(48) ack
> 1 win 5840
> 16:31:58.505138 IP 10.254.0.100.25 > <CLIENT_IP>.59856: P 1:49(48) ack
> 1 win 5840
> 
> If someone can enlighten me I would be glad :)
> 
> Thanks a lot!
> 
> --
> Romain

Regards

--
Julian Anastasov <ja@xxxxxx>

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
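
The check asked for in the reply (run tcpdump with -v and look for checksum errors), as an added example that is not part of the original message: a Python sketch that reads `tcpdump -n -v` text and reports TCP segments flagged `incorrect` and data segments sent more than once, like the repeated `seq 1:49` in the trace. The sample capture and its addresses are constructed, and `analyze` is a hypothetical helper name.

```python
import re
from collections import Counter

# Constructed `tcpdump -n -v` output; addresses are documentation ranges,
# not values from the thread. 203.0.113.10 stands in for the public VIP.
SAMPLE = """\
16:21:36.176384 IP (tos 0x0, ttl 117, id 311, offset 0, flags [DF], proto TCP (6), length 48)
    198.51.100.7.59643 > 203.0.113.10.25: Flags [S], cksum 0x91c2 (correct), seq 479176996, win 8192, options [mss 1460,nop,nop,sackOK], length 0
16:21:36.226166 IP (tos 0x0, ttl 63, id 4101, offset 0, flags [DF], proto TCP (6), length 88)
    203.0.113.10.25 > 198.51.100.7.59643: Flags [P.], cksum 0x8a1c (incorrect -> 0x5f3e), seq 1:49, ack 1, win 5840, length 48
16:21:39.222989 IP (tos 0x0, ttl 63, id 4102, offset 0, flags [DF], proto TCP (6), length 88)
    203.0.113.10.25 > 198.51.100.7.59643: Flags [P.], cksum 0x8a1c (incorrect -> 0x5f3e), seq 1:49, ack 1, win 5840, length 48
"""

TCP_LINE = re.compile(
    r"^\s+(?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]*)\], "
    r"cksum 0x[0-9a-f]+ \((?P<ck>correct|incorrect)[^)]*\)"
    r"(?:, seq (?P<seq>\d+(?::\d+)?))?"
)

def analyze(text):
    """Return (bad_checksum_flows, retransmitted_segments) from tcpdump -v text."""
    bad, seen = Counter(), Counter()
    for line in text.splitlines():
        m = TCP_LINE.match(line)
        if not m:
            continue  # IP header line, or a packet that is not TCP
        flow = (m["src"], m["dst"])
        if m["ck"] == "incorrect":
            bad[flow] += 1
        # Only data segments print a seq range such as 1:49; count repeats of it.
        if m["seq"] and ":" in m["seq"]:
            seen[flow + (m["seq"],)] += 1
    retrans = {key: n for key, n in seen.items() if n > 1}
    return dict(bad), retrans

if __name__ == "__main__":
    bad, retrans = analyze(SAMPLE)
    for (src, dst), n in bad.items():
        print(f"{n} segment(s) {src} > {dst} with bad TCP checksum")
    for (src, dst, seq), n in retrans.items():
        print(f"seq {seq} from {src} seen {n} times (retransmitted)")
```

Judge checksums from a capture taken on the receiving box: packets a host transmits itself can print `incorrect` when its NIC does checksum offload, because tcpdump sees them before the card fills the checksum in.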
