LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] ldirectord trouble

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] ldirectord trouble
From: Mason Loring Bliss <mason@xxxxxxxxxxx>
Date: Wed, 30 Jan 2008 13:34:11 -0500
Hi, all.

I'm trying to get ldirectord to do simple balancing, with a more complex
configuration later, when everything works. This is on Debian Etch, using the
stock Etch package.

My /etc/ha.d/ldirectord.cf is as follows:

--- 8< -----------------------------------------------------------------------

checktimeout=3
checkinterval=1
fallback=127.0.0.1:80
autoreload=yes
logfile="/var/log/ldirectord.log"
quiescent=yes

virtual=192.168.128.246:80
        real=172.16.0.29:80 gate
        fallback=www.yahoo.com:80 gate
        service=http
        request="index.html"
        receive="test page"
        virtualhost=[elided in the interests of privacy]
        scheduler=rr
        #persistent=600
        #netmask=255.255.255.255
        protocol=tcp

--- 8< -----------------------------------------------------------------------

I'm not sure what's going on here, so the facts in a vaguely random order:

1. I see health checks from the ldirectord box to the farm box.

2. The farm box can get out through the ldirectord box, and I have this rule
in place:

    iptables -t nat -A POSTROUTING -o eth0 -s 172.16.0.29 -j SNAT --to-source
        192.168.128.246

3. The director box has an interface alias for 192.168.128.246.

4. Traffic to the virtual server address isn't answered. No packets are being
passed back to the farm. Packet forwarding is turned on, and if on some
client I set a route to the farm network through the ldirectord box, I get
packets back and forth. It's only packets to the virtual address that are
failing.

5. The status command gives me something strange:

    /etc/ha.d# ldirectord ldirectord.cf status
    ldirectord is stopped for /etc/ha.d/ldirectord.cf

6. I'm running a stock kernel, and I've verified that CONFIG_IP_VS_PROTO_TCP
is turned on.


I'm sure I'm missing some concepts here, but I'm having some trouble finding
them. Shouldn't the ldirectord box be taking packets for the virtual address,
port 80, and be routing them to 172.16.0.29 in this case?

If I try telnetting to port 80 of the virtual address, I see this:

pacific /etc/ha.d# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.128.246:80 rr
  -> 172.16.0.29:80               Route   1      0          1

Prior to trying, InActConn is 0, and it reverts after a time.

I'm not sure where to go next. Suggestions are gladly welcome!

-- 
 Mason Loring Bliss         mason@xxxxxxxxxxx        http://blisses.org/  
"I am a brother of jackals, and a companion of ostriches."  (Job 30 : 29)


<Prev in Thread] Current Thread [Next in Thread>