[lvs-users] LVS-NAT and full nat (realserver as client)
Kristoffer Egefelt
kristoffer at itoc.dk
Thu Oct 18 12:54:57 BST 2012
Hi,
I'm testing full nat on kernel 3.1.0, trying to have realservers in LVS-NAT communicate with VIPs - see: http://archive.linuxvirtualserver.org/html/lvs-devel/2010-05/msg00000.html - but clients hang...
Client: 10.10.10.201
Realserver: 10.10.10.11
Default gateway/LVS is 10.10.10.1
VIP: 192.168.100.30
eth1 is on the realserver network
so
% ipvsadm -A -t 192.168.100.30:80 -s rr
% ipvsadm -a -t 192.168.100.30:80 -r 10.10.10.11:80 -m
and then
% iptables -t nat -A POSTROUTING -o eth1 -m ipvs --vaddr 192.168.100.30/32 --vport 80 -j SNAT --to-source 10.10.10.1
but from the realserver or the client
telnet 192.168.100.30 hangs
tcpdump on the realserver shows
13:33:39.533160 IP 10.10.10.201.54737 > 10.10.10.11.80: Flags [S], seq 1629270067, win 14600, options [mss 1460,sackOK,TS val 34103738 ecr 0,nop,wscale 7], length 0
13:33:39.533198 IP 10.10.10.11.80 >10.10.10.201.54737: Flags [S.], seq 222278326, ack 1629270068, win 14480, options [mss 1460,sackOK,TS val 284062123 ecr 34103738,nop,wscale 7], length 0
13:33:39.533627 IP 10.10.10.201.54737 > 10.10.10.11.80: Flags [R], seq 1629270068, win 0, length 0
13:33:42.779366 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [S], seq 870222793, win 14600, options [mss 1460,sackOK,TS val 1268747903 ecr 0,nop,wscale 7], length 0
13:33:42.779405 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [S.], seq 503429492, ack 870222794, win 14480, options [mss 1460,sackOK,TS val 284062934 ecr 1268747903,nop,wscale 7], length 0
13:33:42.779757 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [.], ack 1, win 115, options [nop,nop,TS val 1268747903 ecr 284062934], length 0
13:33:42.780442 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [P.], seq 1:117, ack 1, win 115, options [nop,nop,TS val 1268747903 ecr 284062934], length 116
13:33:42.780476 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [.], ack 117, win 114, options [nop,nop,TS val 284062935 ecr 1268747903], length 0
13:33:42.781389 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [P.], seq 1:453, ack 117, win 114, options [nop,nop,TS val 284062935 ecr 1268747903], length 452
13:33:42.781657 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [.], ack 453, win 123, options [nop,nop,TS val 1268747903 ecr 284062935], length 0
13:33:42.782208 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [F.], seq 453, ack 117, win 114, options [nop,nop,TS val 284062935 ecr 1268747903], length 0
13:33:42.783794 IP 172.16.11.1.48501 > 10.10.10.11.80: Flags [F.], seq 117, ack 454, win 123, options [nop,nop,TS val 1268747904 ecr 284062935], length 0
13:33:42.783810 IP 10.10.10.11.80 > 172.16.11.1.48501: Flags [.], ack 118, win 114, options [nop,nop,TS val 284062935 ecr 1268747904], length 0
Anybody have an idea what could be up with this?
Thanks
Regards
Kristoffer
More information about the lvs-users
mailing list