[lvs-users] Unable to capture lvsadm traffic on loopback

Mon, 02 Jul 2018 14:08:59 -0700 

I am unable to capture lvsadm traffic on the loopback interface.

I am sucessfully sending traffic to my SIEM via ipvsadm.

I was able to do this on both interfaces; ens192 and interface lo.

I had no issues using tcpdump to view traffic being sent via ipvsadm on
interface ens192.

My problem is that when i use tcpdump on interface lo I do not see any
ipvsadm traffic.


** When I run tcpdump I don't see any udp traffic
# tcpdump -i lo -n udp port 51444 -vv
tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 262144
bytes

# ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.10.136  netmask 255.255.255.0  broadcast 10.0.10.255

        ether 00:50:56:ce:e3:dc  txqueuelen 1000  (Ethernet)
        RX packets 63480807660  bytes 12508576879467 (11.3 TiB)
        RX errors 0  dropped 2  overruns 0  frame 0
        TX packets 19861938950  bytes 5978856268385 (5.4 TiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 351855  bytes 1689650676 (1.5 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 351855  bytes 1689650676 (1.5 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


** ipvsadm commands to set up round robin load balancing to three SIEM
nodes **

# ipvsadm -A -u 127.0.0.1:51444 -s rr -o
# ipvsadm -a -u 127.0.0.1:51444 -r 10.10.10.77:514 -m -w 1
# ipvsadm -a -u 127.0.0.1:51444 -r 10.10.10.78:514 -m -w 1
# ipvsadm -a -u 127.0.0.1:51444 -r 10.10.10.79:514 -m -w 1

# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
UDP  localhost:51444 rr ops
  -> 10.10.10.77:syslog           Masq    1      0          1
  -> 10.10.10.78:syslog           Masq    1      0          2
  -> 10.10.10.79:syslog           Masq    1      0          2
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-requ...@linuxvirtualserver.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Reply via email to