DNS Loadbalancing problem

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: DNS Loadbalancing problem
From: James Wilson <james.wilson77@xxxxxxxxx>
Date: Thu, 25 Aug 2005 20:02:28 +0930
Hi All,

We are running Red Hat Enterprise 3 AS with:

ipvsadm-1.21-9.ipvs108
piranha-0.7.6-1

And 

Kernel 2.4.21-27.0.2.ELsmp

We have a basic requirement to utilise 2 DNS servers behind a pair of
LVS boxes.  We noticed that our 8 Squid servers (also behind a pair of
LVS servers) display huge delays retrieving web pages when a DNS
server from /etc/resolv.conf fails.  To alleviate this, we decided to
stick the DNS servers behind the LVS boxes.

The problem I find is that I can resolve from the DNS server directly,
however through the LVS box they fail.  The following also reports in
/var/log/messages:

Aug 25 19:55:41 xxx nanny[27167]: READ to 172.18.0.121:53 timed out
Aug 25 19:55:41 xxx nanny[27168]: READ to 172.18.0.122:53 timed out


lvs.conf extract (TCP is there not for zone transfers but requests
that are > 512 bytes):

virtual DNS-UDP {
     active = 1
     address = 172.18.0.120 sw0:3
     vip_nmask = 255.255.255.0
     fwmark = 53
     port = 53
     load_monitor = none
     scheduler = wlc
     service = none
     protocol = udp
     timeout = 6
     reentry = 15
     quiesce_server = 0
     server DNS3 {
         address = 172.18.0.121
         active = 1
         weight = 5
     }
     server DNS4 {
         address = 172.18.0.122
         active = 1
         weight = 5
     }
}

virtual DNS-TCP {
     active = 1
     address = 172.18.0.120 sw0:3
     vip_nmask = 255.255.255.0
     fwmark = 153
     port = 53
     load_monitor = none
     scheduler = wlc
     protocol = tcp
     timeout = 6
     reentry = 15
     quiesce_server = 0
     server DNS3 {
         address = 172.18.0.121
         active = 1
         weight = 5
     }
     server DNS4 {
         address = 172.18.0.122
         active = 1
         weight = 5
     }
}


IPTables mangle rules:

-A PREROUTING -d 172.18.0.120 -p udp -m udp --dport 53 -j MARK --set-mark 0x35 
-A PREROUTING -d 172.18.0.120 -p tcp -m tcp --dport 53 -j MARK --set-mark 0x99


Can anyone help, or point to some useful documentation - 

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.services.single-port.html#DNS

Stumped me even more :)


Cheers,

James

-- 
Senior Systems Engineer
MCP+I, MCSE, RHCE, CCA
CSM Technology Adelaide
ph: 08 8418 7804
fax: 08 8418 7820
email: james.wilson@xxxxxxxxxx
internet: http://www.csm.com.au
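
An added example, not part of the original post: a minimal DNS probe that can be run from a client against the VIP and from the director against each real server, to see which hop stops answering. It retries over TCP when the UDP reply has the truncation (TC) bit set, which is the case the DNS-TCP virtual service in the post is meant to cover. The addresses are the ones in the post; the queried name example.com and the query ID are arbitrary assumptions.

```python
import socket
import struct

def build_query(name, qid, qtype=1):
    """Encode a DNS query (RD set, class IN) for `name`; qtype 1 = A."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(reply, qid):
    """Return (rcode, truncated, answer_count); raise ValueError on a bad reply."""
    if len(reply) < 12:
        raise ValueError("short reply")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", reply[:12])
    if rid != qid or not flags & 0x8000:  # wrong ID or QR bit clear
        raise ValueError("not a response to this query")
    return flags & 0x000F, bool(flags & 0x0200), ancount

def recv_exact(sock, n):  # read exactly n bytes from a TCP stream
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ValueError("connection closed early")
        buf += chunk
    return buf

def probe(server, name, qid=0x4C56, timeout=3.0):
    """Query `server` over UDP; retry over TCP if TC is set. qid is arbitrary."""
    query = build_query(name, qid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(query, (server, 53))
        reply, _ = s.recvfrom(512)
    rcode, truncated, ancount = parse_header(reply, qid)
    if truncated:  # DNS over TCP prefixes each message with a 2-byte length
        with socket.create_connection((server, 53), timeout=timeout) as t:
            t.sendall(struct.pack("!H", len(query)) + query)
            size = struct.unpack("!H", recv_exact(t, 2))[0]
            rcode, _, ancount = parse_header(recv_exact(t, size), qid)
    return {"rcode": rcode, "answers": ancount, "used_tcp": truncated}

if __name__ == "__main__":
    for addr in ("172.18.0.120", "172.18.0.121", "172.18.0.122"):  # VIP, DNS3, DNS4
        try:
            print(addr, probe(addr, "example.com"))  # example.com is an assumed name
        except (OSError, ValueError) as exc:
            print(addr, "FAILED:", exc)
```

A timeout on the VIP while both real servers answer from the director points at the forwarding path rather than at the DNS daemons.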
