Setting up a lvs-tun working...

Mathieu Collas lvs at telaxo.com
Tue Aug 10 15:48:02 BST 2004


Hello

Thank you for your reply :)

I tried to setup the free versions (nat, dr and tun), and none of the 3
work...

My goal is to make a tun version work, but as i failed to set it up, i tried
to make a DR version, and then a nat version.... for the 3 version, i block
at the same state, the connection is received by the realserver, but no
reply arrive to the client...


Some explanations :

I have 2 box, 1 NIC on each box in a datacenter (i have no acces). 1 public
IP per box, and no VIP.

Here are the command i tried for the tun version :

INFOs :
IP of the director 213.186.56.124
IP of the realserver : 213.186.58.33

Tunnel :
    IP of the director 192.168.129.1
    IP of the realserver 192.168.129.100

VIP 192.168.129.66



# director :
------------

echo 0 >/proc/sys/net/ipv4/ip_forward

echo 1 >/proc/sys/net/ipv4/conf/all/send_redirects
echo 1 >/proc/sys/net/ipv4/conf/default/send_redirects
echo 1 >/proc/sys/net/ipv4/conf/eth0/send_redirects


ip tunnel add mode ipip tunl1 local 213.186.56.124 remote 213.186.58.33
ip addr add dev tunl1 local 192.168.129.1 peer 192.168.129.100
ip link set tunl1 up

ifconfig eth0:66 192.168.129.66 broadcast 192.168.129.66 netmask
255.255.255.255
route add -host 192.168.126.66 dev eth0:66


ipvsadm -A -t 192.168.129.66:23
ipvsadm -a -t 192.168.129.66:23 -r 192.168.129.100:23 -i

# to send traffic to the VIP
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 23 -j
DNAT --to-destination 192.168.129.66




# realserver :
--------------

echo 0 >/proc/sys/net/ipv4/ip_forward

ip tunnel add mode ipip tunl1 local 213.186.58.33 remote 213.186.56.124
ip addr add dev tunl1 local 192.168.129.100 peer 192.168.129.1
ip link set tunl1 up

ifconfig tunl0:66 192.168.129.66 broadcast 192.168.129.66
route add -host 192.168.129.66 dev tunl1:66



The tunnel works good (ping ok, telnet ok) and when i tried a "ping
213.186.56.124" from the outside, i can see the connection in ipvsadm, i can
see the connection in the realserver too, but the reply never arrive to the
client



I have no idea why the reply can return to the client...






----- Original Message ----- 
From: "Joseph Mack" <mack.joseph at epa.gov>
To: "LinuxVirtualServer.org users mailing list."
<lvs-users at LinuxVirtualServer.org>
Sent: Tuesday, August 10, 2004 3:25 PM
Subject: Re: Setting up a lvs-tun working...


> Mathieu Collas wrote:
> >
> > Hello all !
> >
> > For 2 days now i'm trying to setting up a working lvs-tun... but it
still
> > doesn't work...
>
> have you followed the instructions in the mini-HOWTO for LVS-DR and got it
> to work first?
>
> Joe
> -- 
> Joseph Mack PhD, High Performance Computing & Scientific Visualization
> LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
> Federal Contact - John B. Smith 919-541-1087 - smith.johnb at epa.gov
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>



More information about the lvs-users mailing list