I have setup a stanza in keepalived.conf for SSH to use an alternate port. But whenever I try to ssh into the VIP on the alternate port I get a "No route to host". It looks like it gets to the director but it never gets to the real server. I see an immediate inactive connection in IPVS. All firewalls on both directors and real servers are down. keepalived is 1.1.13. All the other IPVS traffic is behaving correctly, 80, 8080, 443.
???? Gerry ===================================================== On a non-director machine: # ssh -p 33322 -v [EMAIL PROTECTED] OpenSSH_4.5p1, OpenSSL 0.9.8b 04 May 2006 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.240 [192.168.1.240] port 33322. debug1: connect to address 192.168.1.240 port 33322: No route to host ssh: connect to host 192.168.1.240 port 33322: No route to host On director: # ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.240:443 rr persistent 600 -> 192.168.1.201:443 Route 1 0 0 -> 192.168.1.200:443 Route 1 0 0 TCP 192.168.1.240:33322 rr persistent 600 -> 192.168.1.26:22 Route 1 0 0 -> 192.168.1.25:22 Route 1 0 1 keepalived.conf: ... virtual_server 192.168.1.240 33322 { delay_loop 5 lb_algo rr lb_kind DR persistence_timeout 600 protocol TCP real_server 192.168.1.25 22 { weight 1 inhibit_on_failure TCP_CHECK { connect_port 22 connect_timeout 3 nb_get_retry 3 delay_before_retry 1 } } real_server 192.168.1.26 22 { weight 1 inhibit_on_failure TCP_CHECK { connect_port 22 connect_timeout 3 nb_get_retry 3 delay_before_retry 1 } } } ... master director: # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:a7:c7:33 brd ff:ff:ff:ff:ff:ff inet 192.168.1.150/24 brd 192.168.1.255 scope global eth0 inet 192.168.1.240/24 scope global secondary eth0 inet6 fe80::20c:29ff:fea7:c733/64 scope link valid_lft forever preferred_lft forever backup director: # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 192.168.1.240/32 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0c:29:54:ef:09 brd ff:ff:ff:ff:ff:ff inet 192.168.1.151/24 brd 192.168.1.255 scope global eth0 inet6 fe80::20c:29ff:fe54:ef09/64 scope link valid_lft forever preferred_lft forever realservers: 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:18:f8:0b:55:54 brd ff:ff:ff:ff:ff:ff inet 192.168.1.25/24 brd 192.168.1.255 scope global eth0 inet6 fe80::218:f8ff:fe0b:5554/64 scope link valid_lft forever preferred_lft forever _______________________________________________ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users