Problem with masq option for LVS - help very much appreciated!

Torsten Jacobi tj at creative-weblogging.com
Wed Feb 14 04:07:40 GMT 2007 

Hi,

here is something that drives me crazy - I can't get my (first) IPVS 
Administration to work with that config.

I simply want to map port 82 on that virtual server to port 81 on the 
real servers. BUt all connections on port 82 simple time out. The real 
server works fine with direct access.

I follow this guideline for Debian Stable:

http://www.debianhelp.co.uk/ultramonkey.htm


checktimeout=10
checkinterval=2
autoreload=yes
logfile="/var/log/ldirector"
quiescent=yes
virtual=80.237.183.170:82
         fallback=67.19.109.2:81 masq 1000
         real=80.237.155.99:81 masq 1000
          service=http
          request="ldirector.html"
          receive="Test Page"
          protocol=tcp
          checktype=negotiate
          persistent=1800

ipvsadm -ln

shows this:

Prot LocalAddress:Port Scheduler Flags
   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  80.237.183.170:82 wrr persistent 1800
   -> 80.237.155.99:81             Masq    1000   0          0
   -> 80.237.155.99:82             Masq    0      0          0

The debugging shows this:

  /usr/sbin/ldirectord -d /etc/heartbeat/ldirectord.cf start

EBUG2: Starting Linux Director v1.77.2.6 with pid: 13868
Starting Linux Director v1.77.2.6 with pid: 13868
DEBUG2: Running system(/sbin/ipvsadm -A -t 80.237.183.170:82 -s wrr -p 
1800 )
Running system(/sbin/ipvsadm -A -t 80.237.183.170:82 -s wrr -p 1800 )
DEBUG2: Added virtual server: 80.237.183.170:82
Added virtual server: 80.237.183.170:82
DEBUG2: Running system(/sbin/ipvsadm -a -t 80.237.183.170:82 -r 
67.19.109.2:81 -m -w 1)
Running system(/sbin/ipvsadm -a -t 80.237.183.170:82 -r 67.19.109.2:81 
-m -w 1)
DEBUG2: Added fallback server: 67.19.109.2:81 ( x 80.237.183.170:82) 
(Weight set to 1)
Added fallback server: 67.19.109.2:81 ( x 80.237.183.170:82) (Weight set 
to 1)
DEBUG2: Running system(/sbin/ipvsadm -a -t 80.237.183.170:82 -r 
80.237.155.99:82 -m -w 0)
Running system(/sbin/ipvsadm -a -t 80.237.183.170:82 -r 80.237.155.99:82 
-m -w 0)
DEBUG2: Quiescent real server: 80.237.155.99:82 mapped from 
80.237.155.99:81 ( x 80.237.183.170:82) (Weight set to 0)
Quiescent real server: 80.237.155.99:82 mapped from 80.237.155.99:81 ( x 
80.237.183.170:82) (Weight set to 0)


On the clients I have this configured:

  #vi /etc/sysctl.conf

# Enable configuration of arp_ignore option
net.ipv4.conf.all.arp_ignore = 1
# When an arp request is received on eth0, only respond if that address is
# configured on eth0. In particular, do not respond if the address is
# configured on lo
net.ipv4.conf.eth0.arp_ignore = 1
# Ditto for eth1, add for all ARPing interfaces
#net.ipv4.conf.eth1.arp_ignore = 1
# Enable configuration of arp_announce option
net.ipv4.conf.all.arp_announce = 2
# When making an ARP request sent through eth0 Always use an address that
# is configured on eth0 as the source address of the ARP request. If this
# is not set, and packets are being sent out eth0 for an address that is on
# lo, and an arp request is required, then the address on lo will be used.
# As the source IP address of arp requests is entered into the ARP cache on
# the destination, it has the effect of announcing this address. This is
# not desirable in this case as adresses on lo on the real-servers should
# be announced only by the linux-director.
net.ipv4.conf.eth0.arp_announce = 2
# Ditto for eth1, add for all ARPing interfaces
#net.ipv4.conf.eth1.arp_announce = 2

Iproute is installed too.

DO I miss something here?

Thanks!

Torsten

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list