[lvs-users] Unable to get LVS-Tun working

Nilesh Govindrajan me at nileshgr.com
Thu Jun 26 11:56:13 BST 2014


I am trying to setup LVS Tun on Hetzner.de servers I have. They're
located on completely different subnets.

Virtual IP is a failover IP offered by them, and from my discussion
with support, it seems they do support any server answering with the
failover IP irrespective of what the failover ip is routed to
currently (some isps block as it's packet spoofing).

I have added VIP to my load balancer and then I add ssh service as follows -

ipvsadm -A -t VIP:22 -s rr
ipvsadm -A -t VIP:22 -a -r s1

I have enabled ip forwarding and the iptables FORWARD chain accepts
any packet that is from or to one of my servers.

On the real server, I have this -

modprobe ipip
ifconfig tunl0 VIP netmask broadcast VIP up
route add -host VIP dev tunl0

Now, when I try to connect to VIP:22 from outside, I can see the
packets coming to the real server in tcpdump with SYN flag. But no
packet ever seems to leave my real server.

What am I doing wrong?

More information about the lvs-users mailing list