LVS_DR with FTPs:

[Manning, Mark E]

Your suggestion to adjust my IPtables to accept New connections on port 21
and make the other ports 20 and 24000:24020 in my case RELATED worked.
ThankYou Very much
Mark Manning


-----Original Message-----
From: lvs-users-bounces at LinuxVirtualServer.org
[mailto:lvs-users-bounces at LinuxVirtualServer.org] On Behalf Of Joseph Mack
NA3T
Sent: Tuesday, September 12, 2006 4:34 PM
To: LinuxVirtualServer.org users mailing list.
Subject: Re: LVS_DR with FTPs:

On Tue, 12 Sep 2006, Manning, Mark E wrote:

> I have been successful in load balancing ftp using the vsFTPd Server and
> LVS_DR.
>
> When I configure my Realservers to use TLS keys I can log 
> in securely but I believe the negotiation of the data 
> connection is hanging my ftp clients. Is there an LVS_DR 
> configuration procedure for setting up load balanced
> FTPs.

yes, see the HOWTO. ftp being a two port protocol is a 
little more difficult than the standard single port LVS 
connection.

You haven't got the 2nd port LVS'ed.


> Passive FTP is set up in IPtables to be forwarded using FW Mark, I have
also
> included ports 20 and 21 in the mark'd group.

You should just accept port=ftp and the other ports are 
accepted uing "RELATED"

Read the HOWTO on LVS.

are you using fwmark for ftp with ipvsadm? (you don't need 
to)

Are the port 20 (or passive ftp) port calls getting back to 
the client from the realserver?

> FTPs works properly when using the Realservers RIP, it fails when using
the
> VIP of the cluster.

above you say it fails for TLS

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
Send requests to lvs-users-request at LinuxVirtualServer.org
or go to http://www.in-addr.de/mailman/listinfo/lvs-users