[lvs-users] Stop LVS realserver from redirecing VIP-connections to loopback

Hallvard Breien Furuseth h.b.furuseth at usit.uio.no
Tue Oct 23 14:27:35 BST 2018

We have LVS-loadbalanced ldap://VIP/ with IP tunneling.

When a program on a realserver connects to ldap://VIP/, it gets
connected to the loopback interface, because interface tunl0 has the
VIP address.  This breaks when the realserver's LDAP daemon is down.

(This is not a problem with DNS or /etc/hosts, and it happens
both when I connect to the IP address and the DNS name.)

Anyway, can I prevent this so connections to VIP really go to VIP,
and only connections to $(hostname) and localhost go to loopback?

The realservers are currently Red Hat Linux release 6 or 7.
iptables LOG shows source = destination = VIP, interface = lo.

We do have the necessary users/groups in /etc/passwd & co so the
basics will work without LDAP.  But it'd still be convenient to
have LDAP working for a realserver during maintenance.


More information about the lvs-users mailing list