Problem with masq option for LVS - help very much appreciated!

Roberto Nibali ratz at drugphish.ch
Thu Feb 15 09:16:57 GMT 2007 

Hello Torsten,

> thanks a lot for replying so quickly - helps me out of my despair!

No worries, people on this list are generally very helpful, no need for 
desperation.

>> Should this be /ldirector.html instead of ldirector.html?
> 
> Changed this but ldirector.html was found before so do not see a problem
> here.

Neither worked, so I suggest fixing this first:

ratz at laphish2:~$ telnet 80.237.155.99 81
Trying 80.237.155.99...
Connected to 80.237.155.99.
Escape character is '^]'.
GET /ldirectord.html HTTP/1.0

HTTP/1.1 404 Not Found
Date: Thu, 15 Feb 2007 08:50:30 GMT
Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-18
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>404 Not Found</TITLE>
</HEAD><BODY>
<H1>Not Found</H1>
The requested URL /ldirectord.html was not found on this server.<P>
<HR>
<ADDRESS>Apache/1.3.33 Server at kinkaa.com Port 81</ADDRESS>
</BODY></HTML>
Connection closed by foreign host.
ratz at laphish2:~$ telnet 80.237.155.99 81
Trying 80.237.155.99...
Connected to 80.237.155.99.
Escape character is '^]'.
GET ldirectord.html HTTP/1.0

HTTP/1.1 400 Bad Request
Date: Thu, 15 Feb 2007 08:50:52 GMT
Server: Apache/1.3.33 (Debian GNU/Linux) PHP/4.3.10-18
Connection: close
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD><BODY>
<H1>Bad Request</H1>
Your browser sent a request that this server could not understand.<P>
Invalid URI in request GET ldirectord.html HTTP/1.0<P>
<HR>
<ADDRESS>Apache/1.3.33 Server at kinkaa.com Port 81</ADDRESS>
</BODY></HTML>
Connection closed by foreign host.

Important: you need to be able to connect to your RS from your director 
and be able to perform the defined health check. This is currently not 
possible (although I couldn't test from your director). If this is not 
possible, ldirectord will either take your RS out or (maybe?) quiesce it.

>> Comparing to the ipvsadm -ln output below, you're either not telling 
>> the whole truth or did a copy'n'paste error :). Where does the 
>> 80.237.155.99:82 come from?
> 
> Hehe - that is the issue I guess - I'm not sure what why ldirector makes
> this mapping at all - I'm not telling it to do so. :(

Weird, seems like a mapping bug inside ldirectord. I'll have a look at 
it but maybe not until tomorrow, since I don't have time right now.

> I checked twice that this is the only ldirectord.cf on my system
> 
> kinkaa_load_balancer_1:/# find . -name ldirectord.cf
> ./etc/ha.d/ldirectord.cf
> kinkaa_load_balancer_1:/#
> 
> 
> and it looks like this:
> checktimeout=10
> checkinterval=2
> autoreload=yes
> logfile="/var/log/ldirector"
> quiescent=yes
> virtual=80.237.183.170:82
>         fallback=67.19.109.2:81 masq 1000
>         real=80.237.155.99:81 masq 1000
>          service=http
>          request="/ldirector.html"
>          receive="Test Page"
>          protocol=tcp
>          checktype=negotiate
>          persistent=1800

Ok, so then this is definitely weird. At first sight it looked to me as 
if ldirectord has missing "set variable undefined" somewhere in the 
code. I remember, when I implemented something similar to ldirectord 
years ago, I was bit by this when writing the configuration parser. Will 
check ...

> One more thing that's important my Debian Stable Installation did NOT
> install LVSSyncDaemonSwap in /etc/heartbeat/resource.d - I copied just
> this from another machine and it stopped complaining.

I don't know Debian and its LVS related packages well enough to comment 
on that, I'm afraid. It could be that the LVSSyncDaemonSwap resource 
script was added at a later stage, after the freeze of the Debian 
package maintainer for the heartbeat package.

Is your ldirectord started via heartbeat?

>> Can you report back what running the following "commands" from the 
>> director outputs for you, please:
>>
>> # telnet 80.237.183.170 82
>>  > GET /ldirectord.html HTTP/1.0 \n\n
> 
> No output :0( - you may try on your own - server is up.
> 
>> # telnet 80.237.183.170 82
>>  > GET ldirectord.html HTTP/1.0 \n\n

Yes, stupid me. Of course you need to telnet to the RIP:RIPPORT from the 
director to test it.

Best regards,
Roberto Nibali, ratz
-- 
echo 
'[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq' | dc

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list