LVS/Tun is not working

Kalpin Erlangga Silaen kalpin at net2cyber.net
Wed Dec 13 03:11:39 GMT 2006 

Dear all,

I am trying to implement LVS/Tunnel with 1 load balancer and 2 real server:

Load Balancer:
Real IP : 202.34.196.211 (eth0)
Virtual IP : 202.34.196.212 (eth0:0)
Gateway: 202.34.196.209

My Ifconfig output:

[root at balancer ha.d]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0F:EA:zz:yy:xx
          inet addr:202.34.196.211  Bcast:202.34.196.223  
Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:669712 errors:0 dropped:0 overruns:0 frame:0
          TX packets:580476 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:424022031 (404.3 MiB)  TX bytes:44694004 (42.6 MiB)
          Interrupt:209 Base address:0x8000

eth0:0    Link encap:Ethernet  HWaddr 00:0F:EA:zz:yy:xx
          inet addr:202.34.196.212  Bcast:202.34.196.212  
Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:209 Base address:0x8000


My sysctl.conf
[root at balancer ha.d]# sysctl -p
net.ipv4.ip_forward = 1
kernel.sysrq = 0
kernel.core_uses_pid = 1

Finally my ldirectord.cf:

checktimeout=10
checkinterval=1
autoreload=no
logfile="local0"
quiescent=yes

virtual=202.34.196.212:80
        real=202.34.196.213:80 ipip
        real=202.34.196.214:80 ipip
        service=http
        request="index.html"
        receive="Test"
        scheduler=rr
        protocol=tcp
        checktype=negotiate


My Real Server 1:
RIP: 202.34.196.213 (eth0) with gateway: 202.34.196.209
Tunnel IP: 202.34.196.212 (tunl0) with gateway: 202.34.196.212

my ifconfig output at real server 1
tunl0     Link encap:IPIP Tunnel  HWaddr
          inet addr:202.34.196.212  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3120 (3.0 KiB)  TX bytes:0 (0.0 b)

my sysctl.conf at real server 1:

net.ipv4.ip_forward = 1
kernel.sysrq = 0

My Real Server 2:
RIP: 202.34.196.214 (eth0) with gateway: 202.34.196.209
Tunnel IP: 202.34.196.212 (tunl0) with gateway: 202.34.196.212

my ifconfig output at real server 2
tunl0     Link encap:IPIP Tunnel  HWaddr
          inet addr:202.34.196.212  Mask:255.255.255.255
          UP RUNNING NOARP  MTU:1480  Metric:1
          RX packets:52 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:3120 (3.0 KiB)  TX bytes:0 (0.0 b)

my sysctl.conf at real server 2:

net.ipv4.ip_forward = 1
kernel.sysrq = 0

HTTP services is up at real server 1 and 2. I can access directly to 
http://202.34.196.213 (real server 1) and get Test page with strings 
Test also I can access http://202.34.196.214 with strings Test.
All Firewall at Load Balancer, Real server 1 and 2 was flush. I can 
access http services from load balancer to real server 1 & 2.

My ipvsadm output:

IP Virtual Server version 1.2.0 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  202.34.196.212:80 rr
  -> 202.34.196.214:80            Tunnel  1      0          0
  -> 202.34.196.213:80            Tunnel  1      0          0

[root at balancer ha.d]# ipvsadm -l -n --stats
IP Virtual Server version 1.2.0 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes 
OutBytes
  -> RemoteAddress:Port
TCP  202.34.196.212:80                   3       12        0      
720        0
  -> 202.34.196.214:80                   2        6        0      
360        0
  -> 202.34.196.213:80                   1        6        0      
360        0

Try to access Load Balancer from outside and check connection at load 
balancer:
[root at balancer ha.d]# ipvsadm -l -n --connection
IPVS connection entries
pro expire state       source             virtual            destination
TCP 00:59  SYN_RECV    202.87.24.5:33354 202.34.196.212:80  
202.34.196.213:80

But I always get time out from outside. Checked with tcpdump at load 
balancer:

10:10:08.966109 IP 202.87.24.5.33363 > 202.34.196.212.http: S 
3615203299:3615203299(0) win 5840 <mss 1460,sackOK,timestamp 7710594 
0,nop,wscale 2>
10:10:11.964080 IP 202.87.24.5.33363 > 202.34.196.212.http: S 
3615203299:3615203299(0) win 5840 <mss 1460,sackOK,timestamp 7713594 
0,nop,wscale 2>
10:10:17.963790 IP 202.87.24.5.33363 > 202.34.196.212.http: S 
3615203299:3615203299(0) win 5840 <mss 1460,sackOK,timestamp 7719594 
0,nop,wscale 2>

But I never get output from tcpdump at real server 1 & 2.

any help will appreciate.

Regards,


Kalpin Erlangga Silaen

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list