Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux Virtual Server: Users

[lvs-users] Problem with LVS-TUN (not listening)

  

 
Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded


laurent.bts at spaceshell

Aug 28, 2007, 9:35 AM

Post #1 of 10 (788 views)
Permalink
[lvs-users] Problem with LVS-TUN (not listening)
Hello, I have an enormous problem with the configuration ofv the "director"
for LVS TUN



The network: Multiple server in netcenter (different networks!)

Virtual IP: 87.98.190.253

Director IP: 91.121.78.111

Real Server1: 91.121.7.129

Real Server2: 87.98.250.2



All the server use a "Kernel 2.6" out of Debian 4.0. The director has Kernel
2.6 compiled with IPVS (dmesg: "IPVS: ipvs loaded.")



Orders on the Director:

echo "1" /proc/sys/net/ipv4/ip_foward

ifconfig eth0:1 87.98.190.253 broadcast 87.98.190.253 netmask
255.255.255.255

//Respond to ping !!

//Configuration of ipvs

ipvsadm -A -t 87.98.190.253:80 -s wlc

ipvsadm -a -t 87.98.190.253:80 -r 91.121.7.129:80 -i -w 1

ipvsadm -a -t 87.98.190.253:80 -r 87.98.250.2:80 -i -w 1



I think well of having made the configuration of the director but there is
no process with listening of port 80! Even with "/etc/init.d/ipvsadm start".



A solution?



Thank !


No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.484 / Virus Database: 269.12.10/976 - Release Date: 27/08/2007
18:20



No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.484 / Virus Database: 269.12.10/976 - Release Date: 27/08/2007
18:20

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Aug 28, 2007, 10:09 AM

Post #2 of 10 (743 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Tue, 28 Aug 2007, Ducassou Laurent-Pierre wrote:

> Hello, I have an enormous problem with the configuration ofv the "director"
> for LVS TUN

did you first set up a working LVS-DR?

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


graeme at graemef

Aug 28, 2007, 10:41 AM

Post #3 of 10 (737 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Tue, 2007-08-28 at 18:35 +0200, Ducassou Laurent-Pierre wrote:
> I think well of having made the configuration of the director but there is
> no process with listening of port 80! Even with "/etc/init.d/ipvsadm start".

There isn't a listener; LVS is a clever router. With one, or a thousand
virtual services you will see nothing bound to port 80 on the VIP.

A more important set of questions for you is:

Make a request to the VIP from a client machine on a remote network.
Do you see traffic to the VIP on the director?
If yes, do you then see traffic destined for the VIP going to the
realservers leaving the director?
If yes, do you then see traffic destined for the VIP arriving on the tun
interface on the realservers?
If yes, do you see replies leaving the realservers for the client?

Graeme


_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


laurent.bts at spaceshell

Aug 28, 2007, 11:54 AM

Post #4 of 10 (735 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
> > Hello, I have an enormous problem with the configuration ofv the
> "director"
> > for LVS TUN
>
> did you first set up a working LVS-DR?
[Ducassou Laurent-Pierre]
No, is not possible all server is not in the same network.

> There isn't a listener; LVS is a clever router. With one, or a thousand
> virtual services you will see nothing bound to port 80 on the VIP.
Yes I see this,


> A more important set of questions for you is:
>
> Make a request to the VIP from a client machine on a remote network.

[Ducassou Laurent-Pierre]
All The request to the VIP is carried out by a remote network (only with
Internet !)

> Do you see traffic to the VIP on the director?

[Ducassou Laurent-Pierre]
No :/ but the Real Server respond to the direct request of clients

> If yes, do you then see traffic destined for the VIP going to the
> realservers leaving the director?
> If yes, do you then see traffic destined for the VIP arriving on the tun
> interface on the realservers?
> If yes, do you see replies leaving the realservers for the client?
>
> Graeme
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
> Send requests to lvs-users-request [at] LinuxVirtualServer
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.484 / Virus Database: 269.12.10/976 - Release Date:
> 27/08/2007 18:20
>

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.484 / Virus Database: 269.12.10/976 - Release Date: 27/08/2007
18:20



_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


graeme at graemef

Aug 28, 2007, 12:40 PM

Post #5 of 10 (737 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Tue, 2007-08-28 at 20:54 +0200, Ducassou Laurent-Pierre wrote:
> No :/ but the Real Server respond to the direct request of clients

Are you sure that the VIP is routed to the DIP? That is, if I traceroute
from here to the DIP I go one way, but if I trace to the VIP I go
somewhere else entirely (and never reach it).

Graeme


_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Aug 28, 2007, 1:39 PM

Post #6 of 10 (733 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Tue, 28 Aug 2007, Ducassou Laurent-Pierre wrote:

>> did you first set up a working LVS-DR?
> [Ducassou Laurent-Pierre]
> No, is not possible all server is not in the same network.

I don't believe you can't set up a test LVS.

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.introduction.html#minimal_knowledge

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


sameer.garg at gmail

Aug 29, 2007, 12:17 AM

Post #7 of 10 (724 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
With a packet sniffer can you check whether your packets are making it
to your Real Servers? Also I experienced similar problem because the
ISP was using ingress filtering. You should check that?

On 8/29/07, Joseph Mack NA3T <jmack [at] wm7d> wrote:
> On Tue, 28 Aug 2007, Ducassou Laurent-Pierre wrote:
>
> >> did you first set up a working LVS-DR?
> > [Ducassou Laurent-Pierre]
> > No, is not possible all server is not in the same network.
>
> I don't believe you can't set up a test LVS.
>
> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.introduction.html#minimal_knowledge
>
> Joe
>
> --
> Joseph Mack NA3T EME(B,D), FM05lw North Carolina
> jmack (at) wm7d (dot) net - azimuthal equidistant map
> generator at http://www.wm7d.net/azproj.shtml
> Homepage http://www.austintek.com/ It's GNU/Linux!
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
> Send requests to lvs-users-request [at] LinuxVirtualServer
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


laurent.bts at spaceshell

Aug 30, 2007, 3:52 PM

Post #8 of 10 (724 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
Hi all,

I have solved the problem with the following commands :

echo 1 > /proc/sys/net/ipv4/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/all/arp_announce
echo 1 > /proc/sys/net/ipv4/tunl0/arp_ignore
echo 2 > /proc/sys/net/ipv4/tunl0/atp_announce
echo 0 > /proc/sys/net/ipv4/tunl0/rp_filter

LVS:TUN works now :)

Thank you !!!

No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.484 / Virus Database: 269.12.12/979 - Release Date: 29/08/2007
20:21



_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Aug 31, 2007, 1:16 PM

Post #9 of 10 (722 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Fri, 31 Aug 2007, Ducassou Laurent-Pierre wrote:

> Hi all,
>
> I have solved the problem with the following commands :
>
> echo 1 > /proc/sys/net/ipv4/all/arp_ignore
> echo 2 > /proc/sys/net/ipv4/all/arp_announce
> echo 1 > /proc/sys/net/ipv4/tunl0/arp_ignore
> echo 2 > /proc/sys/net/ipv4/tunl0/atp_announce
> echo 0 > /proc/sys/net/ipv4/tunl0/rp_filter

I assume this is on the realserver. If so, then the router
for the realservers is in the same network as the VIP on the
director, in which case you could use LVS-DR.

Joe


>
> LVS:TUN works now :)
>
> Thank you !!!
>
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.5.484 / Virus Database: 269.12.12/979 - Release Date: 29/08/2007
> 20:21
>
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
> Send requests to lvs-users-request [at] LinuxVirtualServer
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


jmack at wm7d

Aug 31, 2007, 1:21 PM

Post #10 of 10 (723 views)
Permalink
Re: [lvs-users] Problem with LVS-TUN (not listening) [In reply to]
On Fri, 31 Aug 2007, Joseph Mack NA3T wrote:

> On Fri, 31 Aug 2007, Ducassou Laurent-Pierre wrote:
>
>> Hi all,
>>
>> I have solved the problem with the following commands :
>>
>> echo 1 > /proc/sys/net/ipv4/all/arp_ignore
>> echo 2 > /proc/sys/net/ipv4/all/arp_announce
>> echo 1 > /proc/sys/net/ipv4/tunl0/arp_ignore
>> echo 2 > /proc/sys/net/ipv4/tunl0/atp_announce
>> echo 0 > /proc/sys/net/ipv4/tunl0/rp_filter
>
> I assume this is on the realserver. If so, then the router
> for the realservers is in the same network as the VIP on the
> director, in which case you could use LVS-DR.

sorry I didn't explain this. The main point is that there's
no arp problem with LVS-Tun, when the realservers are on a
different network to the director's VIP (ie the VIP on the
director and the VIPs on the realsevers are behind diffrent
routers).

Joe


>
> Joe
>
>
>>
>> LVS:TUN works now :)
>>
>> Thank you !!!
>>
>> No virus found in this outgoing message.
>> Checked by AVG Free Edition.
>> Version: 7.5.484 / Virus Database: 269.12.12/979 - Release Date: 29/08/2007
>> 20:21
>>
>>
>>
>> _______________________________________________
>> LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
>> Send requests to lvs-users-request [at] LinuxVirtualServer
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>
>

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.