Hi. I'm new to LVS and to this list.
I have two linux (kernel 2.6.32 x86_64) debian (squeeze) physical nodes
connected with a crossover cable on eth1 (1 Gb/s), while eth0 is connected
to internet. The NIC eth1 is bridged with TAP devices (virtual machines
running KVM).
| node1 (eth1) | ---------- xover cable ---------- | node2 (eth1) |
<vmbr0: 192.168.0.1/24> --------- <vmbr0: 192.168.0.2/24>
Each KVM virtual machine has its static IP in the 192.168.0.0/24 subnet, so
I can ping each virtual machine and the two physical nodes from any
physical or virtual node.
Now, I would like to create a LVS NAT load balancer running on the physical
nodes to forward HTTP traffic from a floating public IP address (let me say
1.2.3.4) assigned to eth0 to the real servers that are running inside 6
virtual machines (3 on the first node, and 3 on the second one).
This is my ipvsadmin ruleset active on the node with the public floating IP
up, the other physical node does not have the public VIP or any ipvsadm
rule running:
root@phynode1 ~ # ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.2.3.4:80 wlc
-> 192.168.0.11:80 Masq 1 0 0
-> 192.168.0.12:80 Masq 1 0 0
-> 192.168.0.13:80 Masq 1 0 0
-> 192.168.0.14:80 Masq 1 0 0
-> 192.168.0.15:80 Masq 1 0 0
-> 192.168.0.16:80 Masq 1 0 0
Each KVM virtual machine has 192.168.0.9 as default gateway, that is a
private VIP (vmbr0:1) running on the same node where LVS is active.
To make tests, I don't have any iptables rule on.
/proc/sys/net/ipv4/ip_forward is on.
Now, strange (for me) things are happening:
1) from a remote client in internet: telnet 1.2.3.4 80
2) the client gets a valid established connection
3) the client asks for "GET / HTTP/1.0\n\n"
4) the request hangs forever.
OK. I cleared this three LVS rules:
-> 192.168.0.11:80 Masq 1 0 0
-> 192.168.0.12:80 Masq 1 0 0
-> 192.168.0.13:80 Masq 1 0 0
forwarding traffinc only on the three real servers virtual machines running
on the second physical node that is not running the public VIP (1.2.3.4),
the private VIP (192.168.0.9) and LVS, and I had a second try:
1) from a remote client in internet: telnet 1.2.3.4 80
2) the client gets a valid established connection
3) the client asks for "GET / HTTP/1.0\n\n"
4) the request succeeds and get correctly balanced.
If I try to switch the public VIP, the private VIP and LVS from the first
node to the second one, I get the identical same thing. This one, the non
working VMs are 192.168.0.14, 192.168.0.15 and 192.168.0.16 that are
running to the second physical node.
I noted some duplicate ACKs where the connection hangs.
I cannot figure out what the problem is.
Any clue??
Thank you, Dino.
--
dAm2K, you know I'm there!
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|