On Tue, Sep 2, 2008 at 10:52 PM, David Dyer-Bennet <[EMAIL PROTECTED]> wrote: > requests from outside sent to the public virtual IP do not get routed, > they simply go to the local Apache server on port 80 (I've put index pages > in on all the servers to make it really obvious which one I'm reaching on > any give request).
Looks like IPVS (the LVS kernel module) just doesn't recognize the incoming packets as belonging to a virtual service it cares for. If the kernel has CONFIG_IP_VS_DEBUG set, you could try something like: $ echo 100 > /proc/sys/net/ipv4/vs/debug_level And check the output in dmesg/syslog. For an incoming connection matching a configured virtual service, the output should look like this: (in this case, connection from 10.0.0.254 to the VIP 10.0.0.1, scheduled to real server 10.0.0.3) IPVS: lookup/in TCP 10.0.0.254:58748->10.0.0.1:80 not hit IPVS: lookup service: fwm 0 TCP 10.0.0.1:80 hit IPVS: ip_vs_wlc_schedule(): Scheduling... IPVS: WLC: server 10.0.0.3:80 activeconns 0 refcnt 2 weight 1 overhead 1 IPVS: Bind-dest TCP c:10.0.0.254:58748 v:10.0.0.1:80 d:10.0.0.3:80 fwd:M s:0 conn->flags:100 conn->refcnt:1 dest->refcnt:3 IPVS: Schedule fwd:M c:10.0.0.254:58748 v:10.0.0.1:80 d:10.0.0.3:80 conn->flags:140 conn->refcnt:2 IPVS: Incoming packet: TCP 10.0.0.254:58748->10.0.0.1:80 IPVS: TCP input [S...] 10.0.0.3:80->10.0.0.254:58748 state: NONE->SYN_RECV conn->refcnt:2 Enter: ip_vs_nat_xmit, net/ipv4/ipvs/ip_vs_xmit.c line 361 IPVS: new dst 10.0.0.3, refcnt=2, rtos=10 IPVS: After DNAT: TCP 10.0.0.254:58748->10.0.0.3:80 Leave: ip_vs_nat_xmit, net/ipv4/ipvs/ip_vs_xmit.c line 413 Enter: ip_vs_out, net/ipv4/ipvs/ip_vs_core.c line 893 IPVS: lookup/out TCP 10.0.0.3:80->10.0.0.254:58748 hit IPVS: Outgoing packet: TCP 10.0.0.3:80->10.0.0.254:58748 IPVS: After SNAT: TCP 10.0.0.1:80->10.0.0.254:58748 Leave: ip_vs_out, net/ipv4/ipvs/ip_vs_core.c line 1032 IPVS: lookup/in TCP 10.0.0.254:58748->10.0.0.1:80 hit IPVS: Incoming packet: TCP 10.0.0.254:58748->10.0.0.1:80 IPVS: TCP input [..A.] 10.0.0.3:80->10.0.0.254:58748 state: SYN_RECV->ESTABLISHED conn->refcnt:2 Enter: ip_vs_nat_xmit, net/ipv4/ipvs/ip_vs_xmit.c line 361 IPVS: After DNAT: TCP 10.0.0.254:58748->10.0.0.3:80 Leave: ip_vs_nat_xmit, net/ipv4/ipvs/ip_vs_xmit.c line 413 In your non-working case, I suspect you will have something like "packet continues traversal as normal" in the logs instead, which means that IPVS doesn't think it's responsible... Julius -- Julius Volz - Corporate Operations - SysOps Google Switzerland GmbH - Identification No.: CH-020.4.028.116-1 _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
