Glad to know your issue is solved
Emilio
Sent from mobile
El 28 abr. 2016 12:01 p. m., "Filipe Sousa" <filipe.so...@pdmfc.com>
escribió:
> Hi Enrique,
>
> We've sucessfuly made our migration.
>
> In our test environment, the VM has two NICs connected to the same
> vSwitch: one for management and the other for services.
>
> Our aproach was to disable farms on the old node and recreate the farms on
> the new node.
>
> What was happening was that the old node didn't completely released the
> IPs, even with the service NIC disconnected on the Hypervisor and disabled
> on the ZEN Load Balancer.
>
> Once we started deleting virtual interfaces things started to work.
>
> Thank you for your support and for making such a great product.
>
> Best regards,
> Filipe Sousa
>
> On Wednesday, April 27, 2016 14:00 WEST, Emilio Campos <
> emilio.campos.mar...@gmail.com> wrote:
>
>
> Your rules are properly created and your configuration farm is correct.
>
> Please try to run telnet from the load balancer to backends in order to
> verify the TCP connection is established
>
> From load balancer:
>
> telnet 10.1.28.72 9105
> telnet 10.1.28.71 9105
>
> Also confirm that VIP is reachable from your clients, confirm you
> configured Gateways properly for eth"X" and for the table: Global Gateway,
> maybe routing could be the issue.
>
> Regards!
>
>
>
>
> 2016-04-27 13:35 GMT+02:00 Filipe Sousa <filipe.so...@pdmfc.com>:
>>
>> Here goes the Output:
>>
>> Chain PREROUTING (policy ACCEPT)
>> target prot opt source destination
>> MARK tcp -- 0.0.0.0/0 10.1.28.84 statistic
>> mode random probability 1.00000000000 multiport dports 9105 /*
>> FARM_TST-AppInfo_1_ */ MARK set 0x208
>> MARK tcp -- 0.0.0.0/0 10.1.28.84 statistic
>> mode random probability 0.50000000000 multiport dports 9105 /*
>> FARM_TST-AppInfo_0_ */ MARK set 0x207
>> MARK tcp -- 0.0.0.0/0 10.1.28.84 recent:
>> CHECK seconds: 120 name: _TST-AppInfo_0x207_sessions side: source mask:
>> 255.255.255.255 multiport dports 9105 /* FARM_TST-AppInfo_0_ */ MARK set
>> 0x207
>> MARK tcp -- 0.0.0.0/0 10.1.28.84 recent:
>> CHECK seconds: 120 name: _TST-AppInfo_0x208_sessions side: source mask:
>> 255.255.255.255 multiport dports 9105 /* FARM_TST-AppInfo_1_ */ MARK set
>> 0x208
>>
>> Chain INPUT (policy ACCEPT)
>> target prot opt source destination
>>
>> Chain FORWARD (policy ACCEPT)
>> target prot opt source destination
>>
>> Chain OUTPUT (policy ACCEPT)
>> target prot opt source destination
>>
>> Chain POSTROUTING (policy ACCEPT)
>> target prot opt source destination
>> Chain PREROUTING (policy ACCEPT)
>> target prot opt source destination
>> DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 mark match
>> 0x207 recent: SET name: _TST-AppInfo_0x207_sessions side: source mask:
>> 255.255.255.255 /* FARM_TST-AppInfo_0_ */ to:10.1.28.72:9105
>> DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 mark match
>> 0x208 recent: SET name: _TST-AppInfo_0x208_sessions side: source mask:
>> 255.255.255.255 /* FARM_TST-AppInfo_1_ */ to:10.1.28.71:9105
>>
>> Chain INPUT (policy ACCEPT)
>> target prot opt source destination
>>
>> Chain OUTPUT (policy ACCEPT)
>> target prot opt source destination
>>
>> Chain POSTROUTING (policy ACCEPT)
>> target prot opt source destination
>> MASQUERADE tcp -- 0.0.0.0/0 0.0.0.0/0 mark
>> match 0x207 /* FARM_TST-AppInfo_0_ */
>> MASQUERADE tcp -- 0.0.0.0/0 0.0.0.0/0 mark
>> match 0x208 /* FARM_TST-AppInfo_1_ */
>>
>> Thank you again!
>>
>> Filipe Sousa
>>
>> On 27-04-2016 12:18, Emilio Campos wrote:
>>
>> please execute the following command and paste us the outuput.
>>
>> iptables -nL -t mangle; iptables -nL -t nat
>>
>> Thanks!
>>
>>
>> 2016-04-27 13:05 GMT+02:00 Filipe Sousa <filipe.so...@pdmfc.com>:
>>>
>>> Hi Emilio,
>>>
>>> My config file only has this:
>>>
>>> TST-AppInfo;tcp;10.1.28.84;9105;nat;weight;ip;120;up
>>> ;server;10.1.28.72;9105;0x207;1;1;up
>>> ;server;10.1.28.71;9105;0x208;1;1;up
>>>
>>> What we want to balance is port 9105.
>>>
>>> Our servers have Mutual SSL/TLS authentication.
>>>
>>> As the HTTPS Farm does not supplies this authentication to the backend
>>> servers we went with a TCP farm and the packages we're all delivered
>>> directly to the backend server.
>>>
>>> Right now, we are not being able to do make the clients connect to this
>>> service, but they can do it directly, avoiding the load balancer.
>>>
>>> If you want to, I can do some kind of diagram to clarify our
>>> configuration.
>>>
>>> Thank you,
>>>
>>> Filipe Sousa
>>>
>>>
>>> On 2016-04-26 17:57, Emilio Campos <emilio.martin@gm...>
>>> <emilio.martin@gm...> wrote:
>>>
>>> > Dear Filipe in zen 3.10.1 if you try to configure a l4xnat farm, by
>>> default
>>> > the behaviour is the same than TCP profiles.
>>> >
>>> > paste your current configuration of your new l4xnat farm with us and
>>> > explain a little bit what port you want to balance.
>>> >
>>> > Thanks!
>>> >
>>> > 2016-04-26 16:33 GMT+02:00 Filipe Sousa <filipe.sousa@...>
>>> <filipe.sousa@...>:
>>> >
>>> > > Hi all,
>>> > >
>>> > > We are using zenloadbalancer community version and we want to move
>>> > from
>>> > > version 3.05 to 3.10.1.
>>> > >
>>> > > In our environment we are balancing HTTPS Services, that have client
>>> > > authentication with certificate. The TLS tunnel is made directly
>>> with
>>> > > client and the backend server.
>>> > >
>>> > > In the previous version, the 3.05, the TCP farm was able to do this
>>> kind
>>> > > of load balancing.
>>> > >
>>> > > With the version 3.10.1, using the farm type L4xNAT, we are not
>>> being
>>> > > successful to load balance this services.
>>> > >
>>> > > Our question is: what is your suggested configuration to load
>>> balance
>>> > > services that require Client Authentication with client certificate?
>>> > >
>>> > > Please feel free to ask for more relevant information.
>>> > >
>>> > > Thank you,
>>> > >
>>> > > Filipe Sousa
>>> > >
>>> > >
>>> > >
>>> > >
>>> > >
>>>
>>> ------------------------------------------------------------------------------
>>> > > Find and fix application performance issues faster with Applications
>>> > > Manager
>>> > > Applications Manager provides deep performance insights into
>>> multiple
>>> > > tiers of
>>> > > your business applications. It resolves application problems
>>> quickly and
>>> > > reduces your MTTR. Get your free trial!
>>> > >
>>> > > _______________________________________________
>>> > > Zenloadbalancer-support mailing list
>>> > > Zenloadbalancer-support@...
>>> > >
>>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> Find and fix application performance issues faster with Applications
>>> Manager
>>> Applications Manager provides deep performance insights into multiple
>>> tiers of
>>> your business applications. It resolves application problems quickly and
>>> reduces your MTTR. Get your free trial!
>>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>> _______________________________________________
>>> Zenloadbalancer-support mailing list
>>> Zenloadbalancer-support@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>>
>>
>>
>> --
>> Load balancer distribution - Open Source Project
>> http://www.zenloadbalancer.com
>> Distribution list (subscribe):
>> zenloadbalancer-support@lists.sourceforge.net
>>
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications Manager
>> Applications Manager provides deep performance insights into multiple tiers
>> of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free
>> trial!https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>>
>>
>>
>> _______________________________________________
>> Zenloadbalancer-support mailing
>> listZenloadbalancer-support@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Find and fix application performance issues faster with Applications
>> Manager
>> Applications Manager provides deep performance insights into multiple
>> tiers of
>> your business applications. It resolves application problems quickly and
>> reduces your MTTR. Get your free trial!
>> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
>> _______________________________________________
>> Zenloadbalancer-support mailing list
>> Zenloadbalancer-support@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>
>
>
>
> --
> Load balancer distribution - Open Source Project
> http://www.zenloadbalancer.com
> Distribution list (subscribe):
> zenloadbalancer-support@lists.sourceforge.net
>
>
>
>
> ------------------------------------------------------------------------------
> Find and fix application performance issues faster with Applications
> Manager
> Applications Manager provides deep performance insights into multiple
> tiers of
> your business applications. It resolves application problems quickly and
> reduces your MTTR. Get your free trial!
> https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
> _______________________________________________
> Zenloadbalancer-support mailing list
> Zenloadbalancer-support@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>
------------------------------------------------------------------------------
Find and fix application performance issues faster with Applications Manager
Applications Manager provides deep performance insights into multiple tiers of
your business applications. It resolves application problems quickly and
reduces your MTTR. Get your free trial!
https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________
Zenloadbalancer-support mailing list
Zenloadbalancer-support@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
