[lvs-users] Trouble getting first LVS setup working
graeme at graemef.net
Sat Mar 21 09:21:07 GMT 2009
On Fri, 2009-03-20 at 20:33 -0500, Chris St. Pierre wrote:
> I won't lie and say it's particularly thorough documentation -- most
> of it covers using the configuration web GUI -- but it's readable, and
> I figured it'd be a good place to start as I'm running RHEL.
It's as good a place as any, but it doesn't really explain the basics
very well - it's a sort of "click here, do this, all will be well"
approach which doesn't give you the full grounding about the "why" (or
even the "how" in some cases!).
> I have now, and none of them seem to be my problem. Many are little
> bugs or resource allocation issues, but they all appeared to be
> problems that exhibited themselves once things were at least
> marginally working. In my case, I can't even get the dang thing
> working at all.
I would normally ask for all sort of debug info here, but as you already
stated this is a test platform I'm going to ask you to completely clear
the RH-driven configs and start from a clean slate. BTW, I feel it's
your VIP netmask causing the problem, but we'll come to that later...
What you'll need to do is as follows:
# /sbin/ip address add 10.9.3.6/32 dev eth0
# /sbin/ipvsadm -A -t 10.9.3.6:80 -s rr
# /sbin/ipvsadm -a -t 10.9.3.6:80 -r 10.9.3.1:80 -w 100 -m
# /sbin/ipvsadm -a -t 10.9.3.6:80 -r 10.9.3.2:80 -w 100 -m
That then gets you a very basic virtual server on 10.9.3.6:80/tcp which
has realservers on port 80/tcp on addresses 10.9.3.1 and 10.9.3.2, using
the "masquerade" method (LVS-NAT). The prerequisite for this is that the
realservers have a default gateway address pointing to the director, ie.
Once you have this set up, you can try to access the VIP from a client
which is *not on the same LAN as the VIP or the realservers*. This is a
key point - the return traffic MUST go back via the director in LVS-NAT
or the SYN/AYN-ACK/ACK handshake will fail.
Please try this and let us know how you get on.
By the way, if your VIP netmask is too wide on the director then the
director will believe that a Very Large Network is local to it or
immediately adjacent. That can stop normal traffic flow dead, right
More information about the lvs-users