Check the logs... See if there are entries about timeouts/read timeouts
What is the output of ipvsadm -L -n on the lvs server? Anoop Bhat Systems Administrator Trustwave 70 W. Madison Chicago, IL, 60602 O: 312.873.7446 C: 312.925.3271 ________________________________ From: James Chase <ja...@mandala-designs.com> Reply-To: "LinuxVirtualServer.org users mailing list." <lvs-users@linuxvirtualserver.org> Date: Tue, 30 Mar 2010 17:14:38 -0500 To: <lvs-users@linuxvirtualserver.org> Subject: Re: [lvs-users] CentOS 5 apache real servers don't respond Here it is. The page requests from my browser arrives at the LVS and I see it in tcpdump but it doesn't appear to get forwarded to the apache real server. The only traffic I see between the apache real server and the LVS is the period checks to see if the apache service is running. So perhaps there is actually something wrong with the LVS. * arptables -L on apache real server:* Table: filter Chain IN (policy ACCEPT) target source-ip destination-ip source-hw destination-hw hlen op hrd pro DROP anywhere 192.168.1.174 anywhere anywhere any any any any Chain OUT (policy ACCEPT) target source-ip destination-ip source-hw destination-hw hlen op hrd pro mangle anywhere 192.168.1.174 anywhere anywhere any any any any --mangle-ip-s 192.168.1.153 Chain FORWARD (policy ACCEPT) target source-ip destination-ip source-hw destination-hw hlen op hrd pro *lvs.cf* serial_no = 41 primary = 192.168.1.169 primary_private = 192.168.1.30 service = lvs backup_active = 1 backup = 192.168.1.171 backup_private = 192.168.1.31 heartbeat = 1 heartbeat_port = 539 keepalive = 6 deadtime = 18 network = direct nat_nmask = 255.255.255.0 debug_level = NONE monitor_links = 0 syncdaemon = 0 virtual HTTP { active = 1 address = 192.168.1.174 eth0:1 vip_nmask = 255.255.255.0 port = 80 send = "GET / HTTP/1.0\r\n\r\n" expect = "HTTP" use_regex = 0 load_monitor = none scheduler = wlc protocol = tcp timeout = 60 reentry = 15 quiesce_server = 1 server APACHE1 { address = 192.168.1.153 active = 1 weight = 1 } } *apache real server networking (eth0:2 is the VIP):* eth0 Link encap:Ethernet HWaddr 00:50:56:A1:36:11 inet addr:192.168.1.153 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fea1:3611/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:353659 errors:0 dropped:0 overruns:0 frame:0 TX packets:250796 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:65427023 (62.3 MiB) TX bytes:211251658 (201.4 MiB) eth0:1 Link encap:Ethernet HWaddr 00:50:56:A1:36:11 inet addr:192.168.1.175 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:2 Link encap:Ethernet HWaddr 00:50:56:A1:36:11 inet addr:192.168.1.174 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 On 3/30/2010 5:40 PM, Anoop Bhat wrote: > I'm assuming you're using arptbles_jf? > > Is that setup correctly? > > Can you provide the arptables -L output from the real server and the snippet > from lvs.cf that applies? > > > Anoop Bhat > > > ________________________________ > From: James Chase<ja...@mandala-designs.com> > Reply-To: "LinuxVirtualServer.org users mailing > list."<lvs-users@linuxvirtualserver.org> > Date: Tue, 30 Mar 2010 16:35:32 -0500 > To:<lvs-users@linuxvirtualserver.org> > Subject: Re: [lvs-users] CentOS 5 apache real servers don't respond > > For now I am just trying to get a simple html page to load. I am > listening on all IP's and I did restart apache after adding the Virtual > IP to my apache real server just to make sure it was listening on that > IP now as well. > > I am using a virtual server setup (many sites on one IP) in apache, if > it matters. > > Anyone have any thoughts about my direct routing concerns and the setup > for that? > > On 3/30/2010 5:11 PM, Anoop Bhat wrote: > >> I also had this issue at one point in time. >> >> Are you trying to do SSL virtual servers? >> >> I thought I fixed my issue by ensuring that the real apache servers were >> listening on all IP addresses on port 80/443. >> >> Anoop Bhat >> Systems Administrator >> Trustwave >> 70 W. Madison >> Chicago, IL, 60602 >> O: 312.873.7446 >> C: 312.925.3271 >> >> >> >> ________________________________ >> From: James Chase<ja...@mandala-designs.com> >> Reply-To: "LinuxVirtualServer.org users mailing >> list."<lvs-users@linuxvirtualserver.org> >> Date: Tue, 30 Mar 2010 16:03:57 -0500 >> To:<lvs-users@linuxvirtualserver.org> >> Subject: [lvs-users] CentOS 5 apache real servers don't respond >> >> I am trying to setup LVS on CentOS 5.4 using piranha/pulse. Ideally (I >> think) I would like to do direct routing so that I can still have my >> real servers (apache machines) able to connect directly to the internet. >> >> However, I'm not able to get the apache servers to respond correctly to >> the Virtual IP requests. From tcpdump it seems like the requests are >> being forwarded to the real server from the LVS but I don't get the page >> returned to me in my browser, and I don't see the request being sent out >> in tcpdump on the apache real server. I believe I have the virtual IP >> setup correctly on the real server. >> >> As a caveat though, if the real server responds and the apache server >> response goes out on it's external IP (which would be different than the >> Virual IP) -- isn't my firewall going to block that connection since it >> is not the IP of the connection I originally tried to establish? >> >> I also tried NAT briefly but was not able to get a connection there >> either. Is NAT the suggested way of doing this? It seems like indirect >> routing would be inconvenient/difficult if you had many virtual servers >> on the real apache servers and multiple SSL sites running as well. >> >> Thanks, >> James >> >> >> _______________________________________________ >> Please read the documentation before posting - it's available at: >> http://www.linuxvirtualserver.org/ >> >> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org >> Send requests to lvs-users-requ...@linuxvirtualserver.org >> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >> >> >> >> >> _______________________________________________ >> Please read the documentation before posting - it's available at: >> http://www.linuxvirtualserver.org/ >> >> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org >> Send requests to lvs-users-requ...@linuxvirtualserver.org >> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >> >> > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org > Send requests to lvs-users-requ...@linuxvirtualserver.org > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > > > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org > Send requests to lvs-users-requ...@linuxvirtualserver.org > or go to http://lists.graemef.net/mailman/listinfo/lvs-users > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users