[lvs-users] LVS and Nat question

gary.gardner at brokensoftware.com gary.gardner at brokensoftware.com
Fri Nov 9 15:53:46 GMT 2012


 ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  local:http wlc
  -> remote:http                  Masq    1      0          0
  -> remote:http                  Masq    1      0          0
 ps -ef | grep nanny
root      1943  1928  0 Nov01 ?        00:00:32 /usr/sbin/nanny -c -h
192.168.0.201 -p 80 -r 80 -s GET / HTTP/1.0\r\n\r\n -x HTTP -q -a 15 -I
/sbin/ipvsadm -t 6 -w 1 -V 98.190.148.186 -M m -U none --lvs
root      1944  1928  0 Nov01 ?        00:00:33 /usr/sbin/nanny -c -h
192.168.0.202 -p 80 -r 80 -s GET / HTTP/1.0\r\n\r\n -x HTTP -q -a 15 -I
/sbin/ipvsadm -t 6 -w 1 -V 98.190.148.186 -M m -U none --lvs
root     26252  2278  0 08:51 pts/1    00:00:00 grep nanny

> Hello Gary,
>
> Could you please type
> ipvsadm
> on the piranha server and give me the output ?
> Also the output of
> ps -ef | grep nanny
>
> With those informations I might be able to help.
>
> Best regards,
>
> Xavier
>
>
> On Fri, Nov 9, 2012 at 9:29 AM, <gary.gardner at brokensoftware.com> wrote:
>
>> Ok I had to take a break from trying to configure Piranha so I could
>> work
>> on other things. But now I am back to it.
>>
>> Ok here's the problem.  The Piranha is successfully pinging the real
>> servers and I can see that in the http logs.
>>
>> The Piranha side that is talking to the Internet doesn't seem to be
>> answering on Port 80.  The firewall ports are open for 3636, 80 and 539.
>>
>> If I do a tcpdump for eth0, which is the front facing/internet side, I
>> see
>> that I am getting traffic on that interface.
>>
>> However, it doesn't appear that Piranha is doing anything with it.
>>
>> What would you like me to attempt and what dump/log/trace should I send
>> to
>> help troubleshoot?
>>
>> I have tried using the Direct Method and the NAT method.  It just
>> doesn't
>> seem to be listening on Port 80.
>>
>>  netstat -an | grep 80
>> tcp        1      0 98.190.148.186:36757        174.76.227.75:80
>>  CLOSE_WAIT
>>
>>
>> >
>> > On 10/26/12 1:03 AM, gary.gardner at brokensoftware.com wrote:
>> >>> The VIP is an external IP that I can ping.  The real web servers are
>> on
>> >>> a
>> >>> 192.168.0.xxx subnet.  The VIP machine has eth1 that is on the
>> >>> 192.168.0.xxx subnet and I can see the pulse getting to those
>> servers.
>> >>> What I cannot get is anything responding on 80.  It's as if the
>> >>> firewall
>> >>> isn't letting traffic in or nothing is listening on 80.
>> > If you run tcpdump on your real servers, do they see any port 80
>> > traffic? Do they have the VIP configured on their loopback, or a
>> > iptables REDIRECT rule in place to handle the traffic?
>> >
>> > Do you see iptables or ipvsadm counters incrementing when you are
>> > connecting? Are you connecting from inside or outside network?
>> >
>> > _______________________________________________
>> > Please read the documentation before posting - it's available at:
>> > http://www.linuxvirtualserver.org/
>> >
>> > LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
>> > Send requests to lvs-users-request at LinuxVirtualServer.org
>> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>> >
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
>> Send requests to lvs-users-request at LinuxVirtualServer.org
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>




More information about the lvs-users mailing list