[lvs-users] Tunnel setup problems

Alex Lopez alxmlpz at gmail.com
Mon Apr 4 23:44:30 BST 2016


configure it as Tunnel .



On Mon, Apr 4, 2016 at 2:50 PM, Aldo Sarmiento <aldo at bigpurpledot.com>
wrote:

> Hello,
>
> I'm pretty new to the LVS configuration world, but I hear great things. I
> am trying to setup a Director on a separate network than the Real Servers
> in a proof of concept scenario.
>
> The Director is on a private subnet & the Real Server will be using a
> public IP address. I followed the tutorial at
> http://www.ultramonkey.org/papers/lvs_tutorial/html/
>
> Anyhow, the whole config & tcp dumps here:
>
> ## LVS Machine
> root at lvs01:~# ipvsadm -L -n
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  172.20.10.6:80 wlc
>   -> 98.191.200.182:80            Tunnel  1      0          4
>
> root at lvs01:~# sysctl -a | grep ip_forward
> net.ipv4.ip_forward = 1
>
> root at lvs01:~# ifconfig
> eth0      Link encap:Ethernet  HWaddr 08:00:27:2d:11:6c
>           inet addr:172.20.10.6  Bcast:172.20.10.15  Mask:255.255.255.240
>           inet6 addr: 2600:1012:b159:7dc6:a00:27ff:fe2d:116c/64
> Scope:Global
>           inet6 addr: 2600:1012:b159:7dc6:2580:c3e0:7f22:90c8/64
> Scope:Global
>           inet6 addr: fe80::a00:27ff:fe2d:116c/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:2293 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1551 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:478202 (478.2 KB)  TX bytes:288698 (288.6 KB)
>           Interrupt:19 Base address:0xd020
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:65536  Metric:1
>           RX packets:142 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:142 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:11929 (11.9 KB)  TX bytes:11929 (11.9 KB)
>
>
> ## Remote machine (behind router which is doing port forwarding from
> 98.191.200.182:80 -> 192.168.1.185:80)
>
> root at raspberrypi:/home/pi# ifconfig
> eth0      Link encap:Ethernet  HWaddr b8:27:eb:ee:84:69
>           inet addr:192.168.1.185  Bcast:192.168.1.255  Mask:255.255.255.0
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:14597 errors:0 dropped:484 overruns:0 frame:0
>           TX packets:1797 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:2921143 (2.7 MiB)  TX bytes:301282 (294.2 KiB)
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           UP LOOPBACK RUNNING  MTU:65536  Metric:1
>           RX packets:447 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:447 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:130401 (127.3 KiB)  TX bytes:130401 (127.3 KiB)
>
> tunl0     Link encap:IPIP Tunnel  HWaddr
>           inet addr:172.20.10.6  Mask:255.255.255.255
>           UP RUNNING NOARP  MTU:1480  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
>
> root at raspberrypi:/home/pi# cat /etc/sysctl.d/20-lvs-destination.conf
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.tunl0.arp_ignore = 1
> net.ipv4.conf.tunl0.arp_announce = 2
>
>
> ## TCP dump of LVS Machine when trying to visit 172.20.10.6 via browser
>
> root at lvs01:~# tcpdump -n -i eth0:1 port 80
> tcpdump: WARNING: eth0:1: no IPv4 address assigned
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on eth0:1, link-type EN10MB (Ethernet), capture size 65535 bytes
>
> 13:05:33.928612 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326362248 ecr 0,sackOK,eol], length 0
> 13:05:33.928664 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326362248 ecr 0,sackOK,eol], length 0
> 13:05:34.931978 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326363249 ecr 0,sackOK,eol], length 0
> 13:05:34.932031 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326363249 ecr 0,sackOK,eol], length 0
> 13:05:35.935326 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326364249 ecr 0,sackOK,eol], length 0
> 13:05:35.935376 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326364249 ecr 0,sackOK,eol], length 0
> 13:05:36.936083 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326365249 ecr 0,sackOK,eol], length 0
> 13:05:36.936122 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326365249 ecr 0,sackOK,eol], length 0
> 13:05:37.944178 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326366249 ecr 0,sackOK,eol], length 0
> 13:05:37.944217 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326366249 ecr 0,sackOK,eol], length 0
> 13:05:38.950484 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326367249 ecr 0,sackOK,eol], length 0
> 13:05:38.950524 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326367249 ecr 0,sackOK,eol], length 0
> 13:05:40.958163 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326369249 ecr 0,sackOK,eol], length 0
> 13:05:40.958204 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326369249 ecr 0,sackOK,eol], length 0
> 13:05:44.968782 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326373249 ecr 0,sackOK,eol], length 0
> 13:05:44.968822 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326373249 ecr 0,sackOK,eol], length 0
> 13:05:52.987716 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326381249 ecr 0,sackOK,eol], length 0
> 13:05:52.987755 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326381249 ecr 0,sackOK,eol], length 0
> 13:06:09.019087 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326397249 ecr 0,sackOK,eol], length 0
> 13:06:41.105497 IP 172.20.10.2.61642 > 172.20.10.6.80: Flags [S], seq
> 2628646146, win 65535, options [mss 1460,sackOK,eol], length 0
> 13:06:41.105539 IP 172.20.10.2.61641 > 172.20.10.6.80: Flags [S], seq
> 375168773, win 65535, options [mss 1460,sackOK,eol], length 0
> 13:06:49.683159 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326437805 ecr 0,sackOK,eol], length 0
> 13:06:49.933186 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326438055 ecr 0,sackOK,eol], length 0
> 13:06:50.684257 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326438805 ecr 0,sackOK,eol], length 0
> 13:06:50.934982 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326439055 ecr 0,sackOK,eol], length 0
> 13:06:51.685122 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326439805 ecr 0,sackOK,eol], length 0
> 13:06:51.936173 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326440055 ecr 0,sackOK,eol], length 0
> 13:06:52.687047 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326440805 ecr 0,sackOK,eol], length 0
> 13:06:52.938955 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326441055 ecr 0,sackOK,eol], length 0
> 13:06:53.692296 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326441805 ecr 0,sackOK,eol], length 0
> 13:06:53.944695 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326442055 ecr 0,sackOK,eol], length 0
> 13:06:54.698199 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326442805 ecr 0,sackOK,eol], length 0
> 13:06:54.948887 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326443055 ecr 0,sackOK,eol], length 0
> 13:06:56.712993 IP 172.20.10.2.61658 > 172.20.10.6.80: Flags [S], seq
> 2615143147, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326444805 ecr 0,sackOK,eol], length 0
> 13:06:56.964115 IP 172.20.10.2.61659 > 172.20.10.6.80: Flags [S], seq
> 2439157426, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val
> 1326445055 ecr 0,sackOK,eol], length 0
>
> *Aldo Sarmiento*
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>


More information about the lvs-users mailing list