Another piece of information I forgot to add, output of ipvsadm -L -n when a client is connect (but not receiving any output from the server):
# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.0.82:80 rr persistent 600 -> 192.168.0.85:80 Route 1 1 0 -> 192.168.0.84:80 Local 1 0 0 And "netstat -tn" on the non-ldirector server time: # netstat -tn | sed -e 's/74\.54\.241/192.168.0/g' Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 192.168.0.82:80 220.233.95.244:51931 SYN_RECV Thanks, --Amos On Thu, May 29, 2008 at 5:20 PM, Amos Shapira <[EMAIL PROTECTED]> wrote: > On Thu, May 29, 2008 at 11:10 AM, Joseph Mack NA3T <[EMAIL PROTECTED]> wrote: > >> On Thu, 29 May 2008, Amos Shapira wrote: >> >> > Are the two different subnets a problem at all for any LVS >> configuration? >> >> read the entry in the HOWTO >> >> >> don't need this >> > >> > Is this answer correct only for LVS-NAT or is it also for LVS-DR? >> >> you don't understand what's going on, so yes or no >> at not answers > > > OK, I did another round of "scrap it all and start again" and now this is > where I stand: > > I followed the instructions in > http://www.ultramonkey.org/3/topologies/hc-ha-lb-eg.html just to see that > I can get it to work. > > The current setup is: > ldirectord runs on 192.168.0.84/28 as master > ldirectord runs on 192.168.0.65/28 (also has 192.168.0.85/28 assigned to > its eth0 with direct call to "ip add") as backup. > ipvsadm on the master ldirectord: > # ipvsadm -L -n > IP Virtual Server version 1.2.1 (size=4096) > Prot LocalAddress:Port Scheduler Flags > -> RemoteAddress:Port Forward Weight ActiveConn InActConn > TCP 192.168.0.82:80 rr persistent 600 > -> 192.168.0.85:80 Route 1 0 0 > -> 192.168.0.84:80 Local 1 0 0 > ipvsadm on the backup ldirectord: > # ipvsadm -L -n > IP Virtual Server version 1.2.1 (size=4096) > Prot LocalAddress:Port Scheduler Flags > -> RemoteAddress:Port Forward Weight ActiveConn InActConn > > # ip a s eth0 (on ldirectord) > 7: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue > link/ether 00:1e:4f:0f:64:b2 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.84/28 brd 192.168.0.95 scope global eth0 > inet 192.168.0.82/28 brd 192.168.0.95 scope global secondary eth0 > inet6 fe80::21e:4fff:fe0f:64b2/64 scope link > valid_lft forever preferred_lft forever > > # ip a s eth0 (on non-ldirectord) > 7: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue > link/ether 00:1e:4f:0f:b1:37 brd ff:ff:ff:ff:ff:ff > inet 192.168.0.68/28 brd 192.168.0.79 scope global eth0 > inet 192.168.0.85/28 brd 192.168.0.95 scope global eth0:0 > inet6 fe80::21e:4fff:fe0f:b137/64 scope link > valid_lft forever preferred_lft forever > > # ip a s lo (on ldirectord) > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever > > # ip a s lo (on non-ldirector) > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 scope host lo > inet 192.168.0.82/32 brd 255.255.255.255 scope global lo > inet6 ::1/128 scope host > valid_lft forever preferred_lft forever > > # arptables -L -v -n (on non-ldirector) > Chain IN (policy ACCEPT 113 packets, 3164 bytes) > pkts bytes target in out source-ip > destination-ip source-hw destination-hw hlen op > hrd pro > 0 0 DROP * * 0.0.0.0/0 192.168.0.82 > 00/00 00/00 any 0000/0000 0000/0000 0000/0000 > > Chain OUT (policy ACCEPT 78 packets, 2184 bytes) > pkts bytes target in out source-ip > destination-ip source-hw destination-hw hlen op > hrd pro > 0 0 mangle * eth0 192.168.0.82 0.0.0.0/0 > 00/00 00/00 any 0000/0000 0000/0000 0000/0000 > --mangle-ip-s 192.168.0.68 > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target in out source-ip > destination-ip source-hw destination-hw hlen op > hrd pro > > arptable on ldirectord is stopped. > > # arp -n (on ldirectord) > Address HWtype HWaddress Flags Mask > Iface > 192.168.0.81 ether 00:1E:13:CA:4A:7F C > eth0 > 192.168.0.85 ether 00:1E:4F:0F:B1:37 C > eth0 > > # arp -n (on non-ldirector) > Address HWtype HWaddress Flags Mask > Iface > 192.168.0.81 ether 00:1E:13:CA:4A:7F C > eth0 > 192.168.0.84 ether 00:1E:4F:0F:64:B2 > C eth0 > 192.168.0.85 ether 00:1E:4F:0F:B1:37 C > eth0 > > What I see in tcpdump on the ldirectord when I connect from an outside > client is: > > # tcpdump -nn host 233.220.244.95 and not port 22 > tcpdump: WARNING: peth0: no IPv4 address assigned > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on peth0, link-type EN10MB (Ethernet), capture size 96 bytes > 02:08:09.138227 IP 233.220.244.95.62649 > 192.168.0.82.80: S > 2886883892:2886883892(0) win 5840 <mss 1402,sackOK,timestamp 282486030 > 0,nop,wscale 7> > 02:08:09.138360 IP 192.168.0.82.80 > 233.220.244.95.62649: S > 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp > 23361075 282486030,nop,wscale 7> > 02:08:09.345026 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46 > <nop,nop,timestamp 282486082 23361075> > 02:08:13.137254 IP 192.168.0.82.80 > 233.220.244.95.62649: S > 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp > 23362075 282486082,nop,wscale 7> > 02:08:13.353012 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46 > <nop,nop,timestamp 282487082 23362075,nop,nop,sack 1 {0:1}> > 02:08:19.337641 IP 192.168.0.82.80 > 233.220.244.95.62649: S > 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp > 23363625 282487082,nop,wscale 7> > 02:08:19.557727 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46 > <nop,nop,timestamp 282488632 23363625,nop,nop,sack 1 {0:1}> > 02:08:31.338386 IP 192.168.0.82.80 > 233.220.244.95.62649: S > 1778015608:1778015608(0) ack 2886883893 win 5792 <mss 1460,sackOK,timestamp > 23366625 282488632,nop,wscale 7> > 02:08:31.546088 IP 233.220.244.95.62649 > 192.168.0.82.80: . ack 1 win 46 > <nop,nop,timestamp 282491632 23366625,nop,nop,sack 1 {0:1}> > 02:08:35.174715 IP 233.220.244.95.62649 > 192.168.0.82.80: FP 26:40(14) ack > 1 win 46 <nop,nop,timestamp 282492539 23366625> > 02:08:35.174749 IP 192.168.0.82.80 > 233.220.244.95.62649: . ack 1 win 46 > <nop,nop,timestamp 23367584 282491632,nop,nop,sack 1 {26:41}> > > The client's "telnet" reports that it connected to the server but I don't > get a response from the server when I type in an HTTP request. > > Any ideas? > > Thanks. > > --Amos > > _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
