Hi Pieter, Pieter Temmerman schrieb: > In every tutorial I have read on VLS, it stated that in order to receive > traffic on the VIP, the real servers should have the VIP assigned to the > lo:0 alias interface. > > When I do this, that particular server is unreachable and is either able > to reach other servers in the network. When I remove the lo:0 alias, > everything is back to normal again. > > I solved this by instead creating the VIP on tunl0 instead of lo:0. But > still, I would like the know the reason why it is failing. > > Is this a problem with my distribution or am I overlooking something > crucial? > > I have Centos 5.2 (2.6.18-1.17.el5). actually your distribution shouldn't play a role in that as it seems to be a general problem with ARP requests from what I can guess. If you haven't made any changes to your sysctl.conf then your lo:0 interface acts like a real interface and when the network is asked for the MAC address which belongs to your VIP and this request comes in on any of your machines real interfaces that machine answers too - which it shouldn't - because it thinks it has the IP address and should tell everyone about it.
You have two ways out of this: 1. Compile your kernel with dummy interface support with NOARP enabled. This is an option I am using in some setups but I generally prefer the second one as it is pretty much painless and easy to implement. 2. Edit your /etc/sysctl.conf and add the following lines: net.ipv4.conf.eth0.arp_ignore = 1 net.ipv4.conf.eth0.arp_announce = 2 net.ipv4.conf.eth1.arp_ignore = 1 net.ipv4.conf.eth1.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 Obviously eth0 and eth1 need to be your real network interfaces where ARP requests should be answered for the IP addresses bound to those interfaces. Afterwards everything should be fine. Afterwards you do a "sysctl -p" and everything should be fine. Sebastian -- Sebastian Geib Chabango IT Services Zillestraße 74/76 10585 Berlin Fon: +49 (0) 30 327 67 98-0 Fax: +49 (0) 30 327 67 98-5 E-Mail: [EMAIL PROTECTED] _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
