Re: [lvs-users] LVS and Nat question

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: [lvs-users] LVS and Nat question
From:	"Ryan O'Hara" <rohara@xxxxxxxxxx>
Date:	Fri, 09 Nov 2012 10:27:24 -0600

On 11/09/2012 09:53 AM, gary.gardner@xxxxxxxxxxxxxxxxxx wrote:
>   ipvsadm
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>    ->  RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  local:http wlc
>    ->  remote:http                  Masq    1      0          0
>    ->  remote:http                  Masq    1      0          0
>   ps -ef | grep nanny
> root      1943  1928  0 Nov01 ?        00:00:32 /usr/sbin/nanny -c -h
> 192.168.0.201 -p 80 -r 80 -s GET / HTTP/1.0\r\n\r\n -x HTTP -q -a 15 -I
> /sbin/ipvsadm -t 6 -w 1 -V 98.190.148.186 -M m -U none --lvs
> root      1944  1928  0 Nov01 ?        00:00:33 /usr/sbin/nanny -c -h
> 192.168.0.202 -p 80 -r 80 -s GET / HTTP/1.0\r\n\r\n -x HTTP -q -a 15 -I
> /sbin/ipvsadm -t 6 -w 1 -V 98.190.148.186 -M m -U none --lvs
> root     26252  2278  0 08:51 pts/1    00:00:00 grep nanny

Do you have IP forwarding enabled on the director? Try this:

% sysctl net.ipv4.ip_forward

Also, can you look to see that the VIP is actually assigned to your eth0 
interface? Try 'ip addr show dev eth0'.

Ryan


>> Hello Gary,
>>
>> Could you please type
>> ipvsadm
>> on the piranha server and give me the output ?
>> Also the output of
>> ps -ef | grep nanny
>>
>> With those informations I might be able to help.
>>
>> Best regards,
>>
>> Xavier
>>
>>
>> On Fri, Nov 9, 2012 at 9:29 AM,<gary.gardner@xxxxxxxxxxxxxxxxxx>  wrote:
>>
>>> Ok I had to take a break from trying to configure Piranha so I could
>>> work
>>> on other things. But now I am back to it.
>>>
>>> Ok here's the problem.  The Piranha is successfully pinging the real
>>> servers and I can see that in the http logs.
>>>
>>> The Piranha side that is talking to the Internet doesn't seem to be
>>> answering on Port 80.  The firewall ports are open for 3636, 80 and 539.
>>>
>>> If I do a tcpdump for eth0, which is the front facing/internet side, I
>>> see
>>> that I am getting traffic on that interface.
>>>
>>> However, it doesn't appear that Piranha is doing anything with it.
>>>
>>> What would you like me to attempt and what dump/log/trace should I send
>>> to
>>> help troubleshoot?
>>>
>>> I have tried using the Direct Method and the NAT method.  It just
>>> doesn't
>>> seem to be listening on Port 80.
>>>
>>>   netstat -an | grep 80
>>> tcp        1      0 98.190.148.186:36757        174.76.227.75:80
>>>   CLOSE_WAIT
>>>
>>>
>>>>
>>>> On 10/26/12 1:03 AM, gary.gardner@xxxxxxxxxxxxxxxxxx wrote:
>>>>>> The VIP is an external IP that I can ping.  The real web servers are
>>> on
>>>>>> a
>>>>>> 192.168.0.xxx subnet.  The VIP machine has eth1 that is on the
>>>>>> 192.168.0.xxx subnet and I can see the pulse getting to those
>>> servers.
>>>>>> What I cannot get is anything responding on 80.  It's as if the
>>>>>> firewall
>>>>>> isn't letting traffic in or nothing is listening on 80.
>>>> If you run tcpdump on your real servers, do they see any port 80
>>>> traffic? Do they have the VIP configured on their loopback, or a
>>>> iptables REDIRECT rule in place to handle the traffic?
>>>>
>>>> Do you see iptables or ipvsadm counters incrementing when you are
>>>> connecting? Are you connecting from inside or outside network?
>>>>
>>>> _______________________________________________
>>>> Please read the documentation before posting - it's available at:
>>>> http://www.linuxvirtualserver.org/
>>>>
>>>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>>>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>>>
>>>
>>> _______________________________________________
>>> Please read the documentation before posting - it's available at:
>>> http://www.linuxvirtualserver.org/
>>>
>>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [lvs-users] LVS and Nat question, gary . gardner Re: [lvs-users] LVS and Nat question, Malcolm Turnbull Re: [lvs-users] LVS and Nat question, xavier pajona Re: [lvs-users] LVS and Nat question, gary . gardner Re: [lvs-users] LVS and Nat question, Ryan O'Hara <= Re: [lvs-users] LVS and Nat question, gary . gardner

Previous by Date:	Re: [lvs-users] LVS and Nat question, gary . gardner
Next by Date:	Re: [lvs-users] LVS and Nat question, gary . gardner
Previous by Thread:	Re: [lvs-users] LVS and Nat question, gary . gardner
Next by Thread:	Re: [lvs-users] LVS and Nat question, gary . gardner
Indexes:	[Date] [Thread] [Top] [All Lists]