LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] LVS-NAT simple (?) setup not working in mysterious way?

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS-NAT simple (?) setup not working in mysterious way?
From: Joseph Mack NA3T <jmack@xxxxxxxx>
Date: Wed, 19 Sep 2007 17:53:24 -0700 (PDT)
On Thu, 20 Sep 2007, Steve Wray wrote:

> Joseph Mack NA3T wrote:
>> On Thu, 20 Sep 2007, Steve Wray wrote:
>>
>>
>>> I am trying to set up a simple 2-network LVS-NAT to a webserver.
>>>
>>> So far as I can tell all of my config is by the book.
>>>
>>> I've stripped it down to one DIP, one RIP.
>>>
>>> In the end there is intended to be two directors with failover so the config
>>> shows the virtual IP of the interior interface of the director (eth1).
>>>
>>
>> not by the book. The VIP is on the outside
>>
>
> There are two 'virtual IP addresses'.
>
> One is on the outside, this is 10.10.0.15, this is the actual VIP
> address to which the client connects.
>
> One is on the inside to provide the gateway for the realservers, this is
> 192.168.0.254.

this is the DIP not the VIP

>
> I've tried it without this, with just the one director and using its
> internal interface as the gateway for the realserver. This has made no
> difference.
>
>
>>> This is used as the default route on the realserver.
>>>
>>> In the case of the /etc/network/interfaces, this is where I've been setting
>>> up the masquerading. Note that I've tried this with and without iptables
>>> masquerading on the director.
>>>
>>
>> not by the book. The HOWTO tells you not to use any iptables
>> rules till after you have the LVS running.
>>
>
> Like I said I've tried with and without. Both turn out the same.
>
>>> I am guessing not as most of the LVS-NAT documentation
>>> I've found does indicate configuring iptables rules for
>>> masquerading.
>>>
>>
>> not in the HOWTO. It's the gold standard on these matters.
>>
>>
>>> This appears to be such a simple setup that there has to be something very
>>> basic that I'm missing...
>>>
>>
>> yes,  the setup in the mini-HOWTO
>>
> I've been through the mini-HOWTO I don't know how many times.
>
> Its not helping.
>
>
> Do you think that you could spare a moment to please look at the
> tcpdumps I sent through?

there's no point in looking through tcpdumps for an LVS that 
isn't set up correctly.



Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!


<Prev in Thread] Current Thread [Next in Thread>