attached is my keepalived.conf file
Le ven. 31 mai 2019 à 09:39, Bassem Mettichi a écrit :
> Hello,
>
> i hope you are all so fine, i need your help concerning keepalived +
> ipvsadm
>
> I have installed keepalived version keepalived-2.0.7-1.el7.x86_64 +
> ipvsadm version ipvsadm-1.27-7.el7.x86_
Hello,
i hope you are all so fine, i need your help concerning keepalived + ipvsadm
I have installed keepalived version keepalived-2.0.7-1.el7.x86_64 + ipvsadm
version ipvsadm-1.27-7.el7.x86_64 on Redhat 7.1, i have 4 backends: 2
backends web servers apache httpd and 2 backends freeradius.
my cus
Hello,
i hope you are all so fine, i need your help concerning keepalived + ipvsadm
I have installed keepalived version keepalived-2.0.7-1.el7.x86_64 + ipvsadm
version ipvsadm-1.27-7.el7.x86_64 on Redhat 7.1, i have 4 backends: 2
backends web servers apache httpd and 2 backends freeradius.
my cus
Hello,
iam using keepalived ( keepalived-1.3.5-8.el7_6.x86_64) + ipvsadm
( ipvsadm-1.27-7.el7.x86_64) installed on redhat 7, keepalived is used to
forward trafic to 2 freeradius servers. we are using round robin on
keepalived, we have two issues:
1- keepalived doen't send equal trafic to the 2 f
Hi folks,
Long time no updates :D here we go… This is a HUGE…. a MONSTER release. Lot of
efforts have been made here to make it really strong…
I would specially address a HUGE THANKS and BIG Mexican wave for Quentin
Armitage. The job you made here with is release is very valuable and much
appr
Hi,
I configure keepalived using vrrp v2, it can work fine. But when I change to
vrrp v3. VIP cannot be accessible from the other node.
The file /var/log/messages indicated that VIP is already added on the device:
Aug 25 06:11:05 host-192-168-120-21 Keepalived_vrrp[15930]: Using VRRPv3
...
A
Hello,
For me LVS is relatively new, I use keepalived since begin 2010. I now
combine LVS + keepalived with direct routing. For http/imap/smtp/pop3 this
works perfect. However for FTP (for me ProFTPd is important) I can't get
this to work.
I want to use direct routing where possible (I don't real
Hello,
I'm having a keepalived problem.
I have compiled a keepalived 1.2.2 on a ubuntu lucid
The configure final information gives :
Keepalived version : 1.2.2
Compiler : gcc
Compiler flags : -g -O2
Extra Lib: -lpopt
I may have identified a difference between my load balancers, and I'm
thinking that this is just happening on one of the load balancers too,
as I failed over yesterday, and found that the same large provider that
had complained last week were still suffering the problem with replies
coming back
Hi Guys,
I'm sending this to both LVS and Keepalived mailings lists, as both
technologies are involved here, and I'm not sure where the failure might
be. It's conceivable that it should go to the netfilter list too, but
perhaps you can advise me on that.
The basic gist of the problem is tha
Hi,
First of all let me thank you for your help and attention and for pointing
me to the LVS users mailing list. I wasn't aware of it.
On Wed, Nov 9, 2011 at 12:58 PM, Graeme Fowler wrote:
> [copying in the LVS users list]
>
> On Wed, 2011-11-09 at 12:04 -0200, Rodrigo Severo wrote:
> > I hav
[copying in the LVS users list]
On Wed, 2011-11-09 at 12:04 -0200, Rodrigo Severo wrote:
> I have been using keepalived for some years now.
>
> For some time now keepalived has started to fail when updating VS on
> the kernel. This kind of thing happens after some time where
> keepalived is worki
> vrrp_instance app_master {
> virtual_router_id 36
> }
>
> The BACKUP conf is quite the same except the "state" and "priority"
> directives of course.
Probably won't help, but - you DO have the SAME virtual_router_id on
both machines?
I got bitten by my brain telling me to use DIFFERENT o
Hi Stephane,
When starting 1 LVS keepalived process, you have 1 server broadcasting
VRRP packets.
Those packets must be received by the second LVS server (regardless of
whether keepalived is running) since they are broadcast packets.
If connectivity is not working (switch filtering broadcast tra
Hi Tom
Thank you for your reply !
Le 08/07/11 07:14, Tom van Leeuwen a écrit :
> Hi Stephane,
>
> Probably stupid, but: have you also checked that VRRP packets are
> recieved correctly?
Yep. Packets are sent but not received, this is the point.
> If you start 1 keepalived, does the other see the
Hi Stephane,
Probably stupid, but: have you also checked that VRRP packets are
recieved correctly?
If you start 1 keepalived, does the other see the vrrp? Also: have you
specified different (global def section) router_id's?
Also, can you verify that you can ping LVS node 2 from LVS node 1 and
v
On Fri, 8 Jul 2011, Stephane RIOS wrote:
> So my question is : does keepalived need to have Virtual
> IP and real IP in the same subnet to work ?
No. an LVS is intended to run with the RIPs on any network
at all (but usually are private addresses, so you don't use
a public IP and so that peopl
Hi all
This is slightly off-topic because it concerns especially keepalived and
not lvs but i read a lot of posts in this list about keepalived so ...
I've made a very simple setup of 2 LVS nodes (Debian 5.0) on Rackspace.
And this setup does not work.
Here's the MASTER keepalived conf :
global
Hi,
Try tu add this to /etc/sysctl.conf :
# No source verification
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
and then :
# sysctl -p /etc/sysctl.conf
perhaps it helps... but not really sure..
I've a similar server, but I use portfwd instead of iptables DNAT :
ethX ->
> Hi,
>
>
> I have a strange problem and I can't seem to find clear information on
> how to do this .
>
>
> I have 2 loadbalancer set up keepalived NAT mode with 2 interfaces each
>
>
> internal vip - 192.168.0.199
> external vip - 195.x.x.21
>
> lb1 -master
> bond0 - private - 192.168.0.239
> eth5
Hi,
I have a strange problem and I can't seem to find clear information on
how to do this .
I have 2 loadbalancer set up keepalived NAT mode with 2 interfaces each
internal vip - 192.168.0.199
external vip - 195.x.x.21
lb1 -master
bond0 - private - 192.168.0.239
eth5 - public - 195.x.x.41
I have set up keepalived for load balancing. It works for redundancy but
does not work when trying to load balance.
I am using multiple servers and have exact same configurations on both
servers. debian 64 bit squeeze.
keepalived conf:
[CODE]
# Configuration File for Keepalived
# Global Configu
On 04/14/2011 10:34 AM, Sharif Uddin wrote:
> Hi,
>
> I have read many "how to guides" on load balancing with keepalived and I
> can't seem to get it to work. They all seem to be outdated or something
> missing or wrong. I have posted before but no one seems to reply.
>
>
> Can anyone help?
>
> I
Hi,
I have read many "how to guides" on load balancing with keepalived and I
can't seem to get it to work. They all seem to be outdated or something
missing or wrong. I have posted before but no one seems to reply.
Can anyone help?
I want to load balance using only keepalived multiple server
I have set up keepalived for load balancing. It works for redundancy but
does not work when trying to load balance.
I am using mnultiple servers and have exact same configurations on both
servers. debian 64 bit squeeze.
keepaliv conf:
[CODE]
# Configuration File for Keepalived
# Global Config
i have installed the keepalived.below:
./configure && make && make install
vip : 172.16.39.100
keepalived lvs lb(master) 172.16.39.10
keepalived lvs lb(backup) 172.16.39.20
real server1 172.16.39.30
real server2 172.16.39.40
-
On Tue, 2011-03-08 at 09:05 +0800, bedo wrote:
> if I want to use the lvs function of keepalived.
> i must install ipvsadm?
No, you don't. However you won't be able to monitor your LVS very easily
if you don't install it.
Graeme
___
Please read the do
hello all,
if I want to use the lvs function of keepalived.
i must install ipvsadm?
thanks for every relay.
___
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs
Hi,
>> Any idea when this will be available?
>
> currently into testing process ;)
Sounds good.
My boss asked me to extend our loadbalancer with IPv6 functionality, so
I kind of need it very soon ;-)
--
Met vriendelijke groet,
Jan Hugo Prins
E: j...@jhprins.org
_
On Dec 29, 2010, at 2:09 PM, Jan Hugo Prins wrote:
> On 12/08/2010 04:33 PM, Alexandre Cassen wrote:
>> Hi folks,
>>
>> Just take time last night to push pending patch :)
>>
>> Will submit a new release later on this month to add full v6 support for
>> IPVS part (it seems v6 is growing up ;))
>
On 12/08/2010 04:33 PM, Alexandre Cassen wrote:
> Hi folks,
>
> Just take time last night to push pending patch :)
>
> Will submit a new release later on this month to add full v6 support for
> IPVS part (it seems v6 is growing up ;))
>
Hi Alexandre,
Any idea when this will be available?
Greeting
Hello,
I want to create a Web cluster with Keepalived using LVS-DR.Keepalived
launching, I get the following errors :
"Dec 22 09:58:16 cesar kernel: IPVS: set_ctl: invalid protocol: 0
192.168.0.10:80 rr
Dec 22 09:58:16 cesar Keepalived_healthcheckers: IPVS: Bad address"
Manually, I'm able to a
Dear all,
I am using keepalived to run a script on each router when the state
changes between master or backup.
What I am missing is a way to get the master notified when there is a
failure of a backup machine.
In particular, can keepalived run a script on the master when there are
no backup
Hi
campbell mcleay wrote:
> Anyone have any good reasons why this should not be done?
We are indeed running both LVS nodes as BACKUP and with the same prio,
it works as expected.
Siim
___
Please read the documentation before posting - it's available a
Hi Sander,
Thanks for the reply. I was reading through the man page for
keepalived.conf and noticed the 'nopreempt' option just after I sent
the mail.
Cheers,
Campbell
On Thu, Jul 8, 2010 at 10:08 PM, Sander Klein wrote:
> Hi,
>
> On Thu, 8 Jul 2010 20:17:33 +0100, campbell mcleay
> wrote:
>>
On Thu, 2010-07-08 at 23:22 +0200, Sander Klein wrote:
> Replying to my own mail...
>
> > I think you can give both directors the same priority. A director that
> is
> > in backup state and receives a vrrp packet with the same priority as
> it's
> > own should stay in backup state. But I can imagi
Replying to my own mail...
> I think you can give both directors the same priority. A director that
is
> in backup state and receives a vrrp packet with the same priority as
it's
> own should stay in backup state. But I can imagine it is possible that
both
> directors get in a state that they both
On Thu, 8 Jul 2010, campbell mcleay wrote:
> Hi,
>
> Anyone have any good reasons why this should not be done?
the short answer is that people have got it working the
current way and you can set one up with the minimum amount
of bother by following the well trodden path. If this isn't
a requir
Hi,
On Thu, 8 Jul 2010 20:17:33 +0100, campbell mcleay
wrote:
> I was interested in setting up LVS-NAT with keepalived for a redundant
> setup. All of the documentation recommends one director designated as
> master and one as backup. However, I was wondering if there is an
> issue having both as
Hi,
I was interested in setting up LVS-NAT with keepalived for a redundant
setup. All of the documentation recommends one director designated as
master and one as backup. However, I was wondering if there is an
issue having both as backup, the reasons for this configuration being
1) that config ca
El 02/06/10 4:05, Yunfeng Xu escribió:
> I have a cluster with keepalivde + lvs. I know the default pid file for
> keepalived is at /var/run/keepalived.pid. Can I specify the other location
> for the pid file in the configuration file? I look through the documents on
> the keepalived site and goog
Hi, all
I have a cluster with keepalivde + lvs. I know the default pid file for
keepalived is at /var/run/keepalived.pid. Can I specify the other location
for the pid file in the configuration file? I look through the documents on
the keepalived site and google for it, but did not find the answer.
Thanks for your work. Impressive.
El 06/05/2010 23:05, "Alexandre Cassen" escribió:
Hi folks,
Just this quick email to pop up new keepalived release. I would just like
to thanks Vincent Bernat for his time spent fixing pending bugs !
Next step is VRRPv3 supporting IPv6, it is on its way in my
Hi
Gerry Reno wrote:
> Now the servers.d/ files could be generated/removed according to current
> active instances and then if the keepalived daemon/server needed
> restarting it would always have the current state for the real servers.
Right now you could just generate the whole keepalived.con
Siim Põder wrote:
> Hi
>
> Gerry Reno wrote:
>
>> How can I use keepalived in a highly dynamic cloud environment? How can
>> I keep keepalived.conf up-to-date with the currently activated instances?
>>
>
> However, the answer to your question depends on what you mean by
> "highly dynamic
Hi
Gerry Reno wrote:
> How can I use keepalived in a highly dynamic cloud environment? How can
> I keep keepalived.conf up-to-date with the currently activated instances?
However, the answer to your question depends on what you mean by
"highly dynamic cloud environment". If you mean that change
How can I use keepalived in a highly dynamic cloud environment? How can
I keep keepalived.conf up-to-date with the currently activated instances?
-Gerry
___
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserv
server.org [mailto:lvs-users-
> boun...@linuxvirtualserver.org] On Behalf Of Alexandre Cassen
> Sent: Monday, September 28, 2009 8:54 AM
> To: keepalived-de...@lists.sourceforge.net; keepalived-
> annou...@lists.sourceforge.net
> Cc: lvs-users@linuxvirtualserver.org; Willy Tarreau
> Sub
Hi,
Willy set up a git repo for Keepalived. Thanks, Willy! It will be my
devel tree. Sending patches using git formalism will be preferred.
sum-up url is :
http://git.formilux.org/?p=people/alex/keepalived.git;a=summary
you can clone repo at here :
http://master.formilux.org/git/people/alex/keep
will fix this...
On Thu, 24 Sep 2009, Vincent Bernat wrote:
OoO Vers la fin de l'après-midi du jeudi 24 septembre 2009, vers 16:23,
Alexandre Cassen disait :
Just published a new release on keepalived website. This release fixe
lot of pending bugs.
Hi!
What about this fix:
http://cgit.l
Just for completeness, Vasily's config had a space missing between the
address and the opening brace in hist virtual_server definition which
caused this error.
Graeme
___
Please read the documentation before posting - it's available at:
http://www.linu
Thanks Jason,
I have modified the running keepalived configuration, and still, the
problem remains...
When I type "ipvsadm -l", the table is blank:
###
[r...@lvs ~]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port
Hey,
I'd like to try out the min/max connection thresholds features in IPVS, but
there doesn't seem to be a way to use this feature in keepalived; does anyone
know if there's some undocumented way to do this, or a patch out that enables
this behavior?
Thanks!
--
Jason Faulkner
Linux Systems
bject: Re: [lvs-users] Keepalived - HTTPS Issue with multiple
HTTPS virtual server blocks
To: lvs-users@linuxvirtualserver.org
Quoting Graeme Fowler <[EMAIL PROTECTED]>:
> On Thu, 2008-05-29 at 20:30 -0400, [EMAIL PROTECTED] wrote:
>> Yes I'm aware of those problems. Bu
Quoting Graeme Fowler <[EMAIL PROTECTED]>:
> On Thu, 2008-05-29 at 20:30 -0400, [EMAIL PROTECTED] wrote:
>> Yes I'm aware of those problems. But I'm not encountering those issues.
>> What I'm seeing is that my http wont work, but https will work.
I want to clarify my issue here. I think I may hav
On Thu, 2008-05-29 at 20:30 -0400, [EMAIL PROTECTED] wrote:
> Yes I'm aware of those problems. But I'm not encountering those issues.
> What I'm seeing is that my http wont work, but https will work.
I believe you need to post your complete, unobfuscated keepalived config
(apart from the AH secret
Quoting Amos Shapira <[EMAIL PROTECTED]>:
> On Fri, May 30, 2008 at 1:40 AM, <[EMAIL PROTECTED]> wrote:
>>
>> This does not appear to be a problem for http, but just recently
>> I added two SSL applications - unique virtual server IP's but the same
>> real servers
>> and I saw some interesting iss
On Fri, May 30, 2008 at 1:40 AM, <[EMAIL PROTECTED]> wrote:
>
> This does not appear to be a problem for http, but just recently
> I added two SSL applications - unique virtual server IP's but the same
> real servers
> and I saw some interesting issues
I'm not an expert on keepalived but I know th
Thanks in advance for any assistance you can provide:
Been running keepalived for a number of months now - and very happy.
Our configuration is rather simple. We run an active/active configuration -
each VRRP instance consists of a single master/slave pair and we just
balance our virtual IP's acro
On Wed, 2008-05-28 at 19:58 -0400, [EMAIL PROTECTED] wrote:
> Hi folks. I have a question regarding keepalived and ipvs. I'm having
> an issue that *seems* to be IPVS related and I wanted to make sure
> it's okay to ask here
Yes.
Graeme
___
Li
Hi folks. I have a question regarding keepalived and ipvs. I'm having
an issue that *seems* to be IPVS related and I wanted to make sure
it's okay to ask here
Thanks,
Errol Neal
This email and any files tra
Graeme Fowler wrote:
> Hi
>
> On Tue, 2008-04-15 at 13:31 +0100, Thomas Pedoussaut wrote:
>
>> I came across the packet storm problem where when the MASTER forwards a
>> connection to the real server on the BACKUP (via DR), the BACKUP treats
>> it as a VIP connection to be loadbalanced rather
Hi
On Tue, 2008-04-15 at 13:31 +0100, Thomas Pedoussaut wrote:
> I came across the packet storm problem where when the MASTER forwards a
> connection to the real server on the BACKUP (via DR), the BACKUP treats
> it as a VIP connection to be loadbalanced rather than a real server
> connection t
Hi,
I have a very light infrastructure, with 2 servers acting as directors
AND real servers.
I came across the packet storm problem where when the MASTER forwards a
connection to the real server on the BACKUP (via DR), the BACKUP treats
it as a VIP connection to be loadbalanced rather than a r
On Fri, 2008-03-21 at 12:47 +0100, Bgs wrote:
> Is this behavior made on purpose?
No. Something - likely in your config - is wrong.
Please post your full VRRP config, including the VIP definitions,
unedited.
Graeme
___
LinuxVirtualServer.org mailing
> Following the 'wipe' idea I found what the problem is. Using ipvs I
> had my addresses use normal netmask (/27 in this case). Apparently
> keepalived removed the whole range defined by that netmask. So if you
> have 192.168.0.2/27 in keepalived.conf and you manually add
> 192.168.0.3/27 too
Following the 'wipe' idea I found what the problem is. Using ipvs I
had my addresses use normal netmask (/27 in this case). Apparently
keepalived removed the whole range defined by that netmask. So if you
have 192.168.0.2/27 in keepalived.conf and you manually add
192.168.0.3/27 too then .3
I do want keepalived to remove the VIPs when I shut it down.
("do-release-ipvs"). My problem is that keepalived removed other IPs too
that it's not supposed to handle...
Or does 'release vips' mean wipe all addresses from interface?
Graeme Fowler wrote:
> On Fri, 2008-03-21 at 12:24 +0100, Bgs
On Fri, 2008-03-21 at 12:24 +0100, Bgs wrote:
> Any ideas? Bug or config error?
I hate to have to say this, but: man keepalived
You need either or both of:
--dont-release-vrrp, -V
leave (don’t remove) VRRP VIPs & VROUTEs on daemon stop.
--dont-release-ipvs, -I
Dont remove IPVS topology
Greetings,
I playing with keepalived to replace our current custom system, but
have some problems. The main one is that whenever I stop keepalived, it
removes all IPs from the outside interface and consequently it's default
route as well. Adding additional non-keepalived handled IPs to th
[EMAIL PROTECTED] escribió:
> Friends, all good. I have server with keepalived I wanted to make
> keepalived to function with a external one with I scheme internal with
> ips private
>
> KEEPALIVED IP 200.233.100.2 EXTERNAL
> 10.250.150.1 wink
Hi Emiliano
On Sat, 2008-02-16 at 10:27 -0200, [EMAIL PROTECTED] wrote:
> Friends, all good. I have server with keepalived I wanted to make
> keepalived to function with a external one with I scheme internal with
> ips private
>
> KEEPALIVED IP 200.233.100.2 EXTERNAL
>
Friends, all good. I have server with keepalived I wanted to make
keepalived to function with a external one with I scheme internal with
ips private
KEEPALIVED IP 200.233.100.2 EXTERNAL
10.250.150.1 wink 2003
Quoting Graeme Fowler <[EMAIL PROTECTED]>:
>> I have several LVS clusters multicasting VRRP in the same network, can
>> I disable logging this messages? or any method to prevent this
>> multicasting..
>
> I *thought* this error would only be generated if you had a VRID
> conflict between instance
Nice to know. Thanks.
On Mon, 2008-01-14 at 17:04 -0500, Todd Fleisher wrote:
> Fwiw, I've had no problems with the reload approach, first reloading
> the master and then after its done reloading the backup.
>
> I'm running 1.1.13 on as low as pentium 3 1.2ghz hardware & my advert
> interval is
Hi Scott
On Mon, 2008-01-14 at 16:01 -0500, Scott McClanahan wrote:
> Thanks for the response but I think the easiest and best approach for me
> would simply be to mod the config with the appropriate weight (this
> doesn't happen so frequently that it's a burden) and perform a reload.
Righto.
>
On Mon, 2008-01-14 at 15:47 -0500, Graeme Fowler wrote:
> Hi
>
> Will cc this to keepalied list as you posted there too :)
>
> On Mon, 2008-01-14 at 11:19 -0500, Scott McClanahan wrote:
> > We run ipvs with keepalived (CentOS 5.1) and often change the
> run-time
> > configuration of real servers
On Fri, 21 Sep 2007, Gerry Reno wrote:
> Ok, what I've found is that if I set the 'hit_count' high to say 100
> then I can login but the connection dies very quickly (actually it just
> hangs). So I think the limit rule is applying to more than just NEW
> packets. The higher that I set 'hit_count'
Gerry Reno wrote:
> My SSH Highport solution has been working well (see last post), so now I
> need to setup some firewall rules for rate-limiting so that I can expose
> the port to the internet and not permit huge dictionary attacks against
> the port. So I setup some iptables rules and ... it
Joseph Mack NA3T wrote:
> have you done the control, of setting up the same rules on a
> single box (not an lvs director)
>
> Joe
>
>
Yes, it's working fine on a single box (tested on port 22).
Gerry
___
LinuxVirtualServer.org mailing list - lvs-
On Fri, 21 Sep 2007, Gerry Reno wrote:
> So I setup some iptables rules and ... it doesn't work.
have you done the control, of setting up the same rules on a
single box (not an lvs director)
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidis
My SSH Highport solution has been working well (see last post), so now I
need to setup some firewall rules for rate-limiting so that I can expose
the port to the internet and not permit huge dictionary attacks against
the port. So I setup some iptables rules and ... it doesn't work. I
found a
On Fri, 21 Sep 2007, Gerry Reno wrote:
> Is there some solution that would keep all configuration
> just on the directors? I like keeping things off of the
> realservers if possible.
not for LVS-DR, because the return packets don't go through
the director.
Joe
--
Joseph Mack NA3T EME(B,D),
Ok, I have been able to get LVS SSH on a high-port working by putting
the iptables rule in the realservers and restricting sshd on the
directors. Here's the setup:
In iptables on realservers:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT
--to-port 22
In /etc/ssh/sshd
Gerry Reno wrote:
> ... and then the response from RS go back to VIP:33322? ...
>
I meant back to GW:33322
___
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to [EMAIL PROTECTED]
or go to http://lists.graemef.n
Gerry Reno wrote:
> Gerry Reno wrote:
>
>> Con Tassios wrote:
>>
>>
>>> Would you need something like this on the real servers?
>>>
>>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT
>>> --to-port 22
>>>
>>>
>>>
>>>
>> In conjunction with Graeme's
Gerry Reno wrote:
> Con Tassios wrote:
>
>> Would you need something like this on the real servers?
>>
>> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT
>> --to-port 22
>>
>>
>>
> In conjunction with Graeme's suggestion about sshd_config, your rule
> works, when
Con Tassios wrote:
> Would you need something like this on the real servers?
>
> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 33322 -j REDIRECT
> --to-port 22
>
>
In conjunction with Graeme's suggestion about sshd_config, your rule
works, when used on the directors.
Gerry
__
Thanks Graeme, thanks Joe. I think you've put me on the right track now.
Joe, I didn't see that howto on the howto page:
http://www.austintek.com/LVS/LVS-HOWTO/ or is it listed somewhere else?
I obviously missed it.
Gerry
___
LinuxVirtualServer.org
On Thu, 20 Sep 2007, Gerry Reno wrote:
> I looked through the howto's and did not see anything showing how to put
> ssh on an alternate port.
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.rewrite_ports.html
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot)
On Thu, 2007-09-20 at 10:00 -0400, Gerry Reno wrote:
> I looked through the howto's and did not see anything showing how to put
> ssh on an alternate port.
You can have SSH as a service one the director if you configure to
listen on the DIP only.
man sshd_config
...
ListenAddress
Specifies
I looked through the howto's and did not see anything showing how to put
ssh on an alternate port. If LVS-DR cannot be used to map from an
alternate port back to 22 then is my only choice a firewall rule? I was
hoping that I could leave sshd running on port 22 on the director and
have an incomi
On Thu, 20 Sep 2007, Joseph Mack NA3T wrote:
> On Thu, 20 Sep 2007, Gerry Reno wrote:
>
>> I have setup a stanza in keepalived.conf for SSH to use an alternate
>> port. But whenever I try to ssh into the VIP on the alternate port I
>> get a "No route to host".
>
> nothing is listening on that por
On Thu, 20 Sep 2007, Gerry Reno wrote:
> I have setup a stanza in keepalived.conf for SSH to use an alternate
> port. But whenever I try to ssh into the VIP on the alternate port I
> get a "No route to host".
nothing is listening on that port.
> It looks like it gets to the director but it
> ne
On Thu, 20 Sep 2007, Gerry Reno wrote:
> I have setup a stanza in keepalived.conf for SSH to use an alternate
> port. But whenever I try to ssh into the VIP on the alternate port I
> get a "No route to host". It looks like it gets to the director but it
> never gets to the real server. I see an
Gerry Reno wrote:
> I have setup a stanza in keepalived.conf for SSH to use an alternate
> port. But whenever I try to ssh into the VIP on the alternate port I
> get a "No route to host". It looks like it gets to the director but it
> never gets to the real server. I see an immediate inactive
I have setup a stanza in keepalived.conf for SSH to use an alternate
port. But whenever I try to ssh into the VIP on the alternate port I
get a "No route to host". It looks like it gets to the director but it
never gets to the real server. I see an immediate inactive connection
in IPVS. All
On Tue, 2007-09-11 at 19:16 +0200, Andre Weitekamp wrote:
> I've found the problem. I don't need any scripts or something else.
> Keepalived add and remove the Server.
> Keepalived has 4 Healthckeck frameworks. I used SSL_GET and HTTP_GET,
> but the two methods doesn't add the server back. I don'
I've found the problem. I don't need any scripts or something else.
Keepalived add and remove the Server.
Keepalived has 4 Healthckeck frameworks. I used SSL_GET and HTTP_GET,
but the two methods doesn't add the server back. I don't know why, but
TCP_CHECK do this. So I use TCP_CHECK with the co
Looking on my Keepalived v1.1.12 implementation I see no external scripts to
handle adding or removing machines in the pool.
What do you see in your log file? below is expected log output from a simple
tcp port check.
Sep 10 23:15:16 lb1 Keepalived_healthcheckers: TCP connection to
[192.168.2.2
1 - 100 of 133 matches
Mail list logo
