LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] LVS configuration using pirahna

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS configuration using pirahna
Cc: Reet Vyas <reet.vyas28@xxxxxxxxx>
From: David Coulson <david@xxxxxxxxxxxxxxxx>
Date: Wed, 21 Mar 2012 07:47:45 -0400
All I see in your tcpdump is ports 22 and 443. Can you only capture the 
packets related to the LVS connection? You also need to do the capture 
on the real server, since that is probably where the issue is.

On 3/21/12 3:51 AM, Reet Vyas wrote:
> Hi I Have reconfigured everything below are the details
>
> this is my ifconfig
>
> eth0      Link encap:Ethernet  HWaddr 00:00:E8:F6:74:DA
>            inet addr:122.166.233.133  Bcast:122.166.233.255
> Mask:255.255.255.0
>            inet6 addr: fe80::200:e8ff:fef6:74da/64 Scope:Link
>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>            RX packets:94433 errors:0 dropped:0 overruns:0 frame:0
>            TX packets:130966 errors:0 dropped:0 overruns:0 carrier:0
>            collisions:0 txqueuelen:1000
>            RX bytes:9469972 (9.0 MiB)  TX bytes:19929308 (19.0 MiB)
>            Interrupt:16 Base address:0x2000
>
> eth0:1    Link encap:Ethernet  HWaddr 00:00:E8:F6:74:DA
>            inet addr:122.166.233.136  Bcast:122.166.233.255
> Mask:255.255.255.0
>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>            Interrupt:16 Base address:0x2000
>
> eth1      Link encap:Ethernet  HWaddr 00:E0:20:14:F9:2D
>            inet addr:192.168.3.1  Bcast:192.168.3.255  Mask:255.255.255.0
>            inet6 addr: fe80::2e0:20ff:fe14:f92d/64 Scope:Link
>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>            RX packets:123718 errors:0 dropped:0 overruns:0 frame:0
>            TX packets:148856 errors:0 dropped:0 overruns:0 carrier:0
>            collisions:0 txqueuelen:1000
>            RX bytes:18738556 (17.8 MiB)  TX bytes:11697153 (11.1 MiB)
>            Interrupt:17 Memory:60000400-600004ff
>
> eth1:1    Link encap:Ethernet  HWaddr 00:E0:20:14:F9:2D
>            inet addr:192.168.3.10  Bcast:192.168.3.255  Mask:255.255.255.0
>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>            Interrupt:17 Memory:60000400-600004ff
>
> eth2      Link encap:Ethernet  HWaddr 00:16:76:6E:D1:D2
>            UP BROADCAST MULTICAST  MTU:1500  Metric:1
>            RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>            TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>            collisions:0 txqueuelen:1000
>            RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
>            Interrupt:21 Base address:0xa500
>
>
>   and ipvsadm -ln command
>
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>    ->  RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  122.166.233.136:5001 rr
> FWM  80 wlc
>    ->  192.168.3.2:80               Masq    1      0          0
>    ->  192.168.3.3:80               Masq    1      0          0
>
>
>
> and tcpdump as u asked for tcpdump -nn
>
> 13:20:51.719651 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 71072, win 1842, options [nop,nop,TS val 5369796 ecr 15415484], length 0
> 13:20:51.719666 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 76992:77344, ack 49, win 338, options [nop,nop,TS val 15415577 ecr
> 5369796], length 352
> 13:20:51.723067 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 71424, win 1842, options [nop,nop,TS val 5369799 ecr 15415487], length 0
> 13:20:51.723083 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 77344:77696, ack 49, win 338, options [nop,nop,TS val 15415581 ecr
> 5369799], length 352
> 13:20:51.727503 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 71776, win 1842, options [nop,nop,TS val 5369804 ecr 15415488], length 0
> 13:20:51.727518 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 77696:78048, ack 49, win 338, options [nop,nop,TS val 15415585 ecr
> 5369804], length 352
> 13:20:51.729719 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 71984, win 1842, options [nop,nop,TS val 5369806 ecr 15415499], length 0
> 13:20:51.729734 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 78048:78400, ack 49, win 338, options [nop,nop,TS val 15415587 ecr
> 5369806], length 352
> 13:20:51.730957 IP 180.149.241.196.443>  122.166.233.133.54647: Flags [.],
> ack 3204, win 258, options [nop,nop,TS val 8618337 ecr 15415521], length 0
> 13:20:51.730985 IP 122.166.233.133.54647>  180.149.241.196.443: Flags [P.],
> seq 3204:4628, ack 631, win 1002, options [nop,nop,TS val 15415589 ecr
> 8618337], length 1424
> 13:20:51.734903 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 72336, win 1842, options [nop,nop,TS val 5369811 ecr 15415504], length 0
> 13:20:51.734918 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 78400:79120, ack 49, win 338, options [nop,nop,TS val 15415593 ecr
> 5369811], length 720
> 13:20:51.738592 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 72688, win 1842, options [nop,nop,TS val 5369815 ecr 15415517], length 0
> 13:20:51.738608 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 79120:79472, ack 49, win 338, options [nop,nop,TS val 15415596 ecr
> 5369815], length 352
> 13:20:51.744741 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [.],
> ack 73200, win 1842, options [nop,nop,TS val 5369821 ecr 15415518], length 0
> 13:20:51.744756 IP 122.166.233.133.22>  14.140.226.234.42148: Flags [P.],
> seq 79472:79824, ack 49, win 338, options [nop,nop,TS val 15415602 ecr
> 5369821], length 352
> 13:20:51.748002 IP 180.149.241.196.443>  122.166.233.133.54647: Flags [P.],
> seq 631:678, ack 3204, win 258, options [nop,nop,TS val 8618339 ecr
> 15415521], length 47
> 13:20:51.748016 IP 122.166.233.133.54647>  180.149.241.196.443: Flags [.],
> ack 678, win 1002, options [nop,nop,TS val 15415606 ecr 8618339], length 0
> 13:20:51.753389 IP 14.140.226.234.42148>  122.166.233.133.22: Flags [P.],
> seq 49:97, ack 73200, win 1842, options [nop,nop,TS val 5369829 ecr
> 15415518], length 48
>
> On Wed, Mar 21, 2012 at 12:43 AM, Enno 
> Gröper<enno+lvs@xxxxxxxxxxxxxxxxx>wrote:
>
>> Hi,
>>
>> Am 20.03.2012 13:15, schrieb Reet Vyas:
>>> I did that but still no luck I just want to know wat i am trying to
>>> configure is correct or not .. Can i access url from VIP as
>>> 192.168.3.10:8080 or not? this is the VIP of my lvs router and it is
>>> working with reasl server 192.168.3.2:8080 ..
>> Without knowledge about the client, we can't tell. In theory yes, it
>> should work (just looking at the lvs configuration).
>> For now I simply ignore your second NIC on the LVS node.
>> I think you have either a 1-NIC, 2 Network LVS-NAT [1] or a One Network
>> LVS-NAT [2]. But only you know that for sure.
>> In both cases the LVS configuration is correct, but you still need
>> tweaks for your network setup.
>> The problem with one-arm LVS nodes is ICMP redirects.
>> What happens, if you ping the client from one of your realservers?
>> Is there a redirect shown? (Don't know what this looks like on Windows.
>> But I assume, Windows ping shows such things, too)
>>
>> If I'm wrong with my assumption:
>> What is your exact setup?
>> * IP of client
>> * routing table of LVS node
>>
>> HTH,
>> Enno
>>
>> [1]
>>
>> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#lvs_nat_one_network_two_nic
>> [2]
>>
>> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#one_network
>>
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>