-------- Original Message -------- Subject: Re: [lvs-users] question about LVS From: Ryan Manikowski <[email protected]> To: [email protected] Date: 05/03/2010 04:19 PM
> On 5/3/2010 9:41 AM, Michiel van Es wrote: >> Could it be that server1 isn't working correctly that the LVS DR does >> not route traffic to that server? >> >> It can connect: >> >> r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 >> Trying 194.145.200.17... >> Connected to server1.pcintelligence.nl. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl >> Connection closed by foreign host. >> >> >> But I keep getting forward only to real server2: >> >> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >> Connection closed by foreign host. >> mich...@wmichiele:~$ telnet 194.145.200.87 25 >> Trying 194.145.200.87... >> telnet: Unable to connect to remote host: No route to host >> mich...@wmichiele:~$ telnet 194.145.200.87 25 >> Trying 194.145.200.87... >> Connected to 194.145.200.87. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >> Connection closed by foreign host. >> >> >> And because it is RR, that is perhaps why I get the first time server2 >> and the 2nd time server1 and I get the telnet: Unable to connect to >> remote host: No route to host >> >> What should I check on server1? >> I also tried to change the weight on the LVS DR server from server 1 to >> 2 so it would get more hits but no avail: >> >> I am running this on the LVS server: >> >> #!/bin/bash >> #---------------mini-rc.lvs_dr-director------------------------ >> #set ip_forward OFF for lvs-dr director (1 on, 0 off) >> #(there is no forwarding in the conventional sense for LVS-DR) >> cat /proc/sys/net/ipv4/ip_forward >> echo "0">/proc/sys/net/ipv4/ip_forward >> >> #director is not gw for realservers: leave icmp redirects on >> echo 'setting icmp redirects (1 on, 0 off) ' >> echo "1">/proc/sys/net/ipv4/conf/all/send_redirects >> cat /proc/sys/net/ipv4/conf/all/send_redirects >> echo "1">/proc/sys/net/ipv4/conf/default/send_redirects >> cat /proc/sys/net/ipv4/conf/default/send_redirects >> echo "1">/proc/sys/net/ipv4/conf/eth0/send_redirects >> cat /proc/sys/net/ipv4/conf/eth0/send_redirects >> >> #add ethernet device and routing for VIP 194.145.200.87 >> /sbin/ifconfig eth0:110 194.145.200.87 broadcast 194.145.200.87 netmask >> 255.255.255.255 >> /sbin/route add -host 194.145.200.87 dev eth0:110 >> #listing ifconfig info for VIP 194.145.200.87 >> /sbin/ifconfig eth0:110 >> >> #check VIP 194.145.200.87 is reachable from self (director) >> /bin/ping -c 1 194.145.200.87 >> #listing routing info for VIP 194.145.200.87 >> /bin/netstat -rn >> >> #setup_ipvsadm_table >> #clear ipvsadm table >> /sbin/ipvsadm -C >> #installing LVS services with ipvsadm >> #add smtp to VIP with round robin scheduling >> /sbin/ipvsadm -A -t 194.145.200.87:smtp -s rr >> >> #forward smtp to realserver using direct routing with weight 1 >> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.17 -g -w 2 >> #check realserver reachable from director >> ping -c 1 194.145.200.17 >> >> #forward smtp to realserver using direct routing with weight 1 >> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.171 -g -w 1 >> #check realserver reachable from director >> ping -c 1 194.145.200.171 >> >> #displaying ipvsadm settings >> /sbin/ipvsadm >> >> #not installing a default gw for LVS_TYPE vs-dr >> #---------------mini-rc.lvs_dr-director------------------------ >> >> >> And on the real servers: >> >> #!/bin/bash >> #----------mini-rc.lvs_dr-realserver------------------ >> #installing default gw 192.168.1.254 for vs-dr >> #/sbin/route add default gw 192.168.1.254 >> #showing routing table >> /bin/netstat -rn >> #checking if DEFAULT_GW 192.168.1.254 is reachable >> #ping -c 1 192.168.1.254 >> >> #set_realserver_ip_forwarding to OFF (1 on, 0 off). >> echo "0">/proc/sys/net/ipv4/ip_forward >> cat /proc/sys/net/ipv4/ip_forward >> >> #looking for DIP 192.168.1.9 >> ping -c 1 194.145.200.86 >> >> #looking for VIP (will be on director) >> ping -c 1 194.145.200.87 >> >> #install_realserver_vip >> /sbin/ifconfig lo:110 194.145.200.87 broadcast 194.145.200.87 netmask >> 0xffffffff up >> #ifconfig output >> /sbin/ifconfig lo:110 >> #installing route for VIP 194.145.200.87 on device lo:110 >> /sbin/route add -host 194.145.200.87 dev lo:110 >> #listing routing info for VIP 194.145.200.87 >> /bin/netstat -rn >> >> #hiding interface lo:110, will not arp >> #echo "1">/proc/sys/net/ipv4/conf/all/hidden >> #cat /proc/sys/net/ipv4/conf/all/hidden >> #echo "1">/proc/sys/net/ipv4/conf/lo/hidden >> #cat /proc/sys/net/ipv4/conf/lo/hidden >> echo 1> /proc/sys/net/ipv4/conf/eth0/arp_ignore >> echo 2> /proc/sys/net/ipv4/conf/eth0/arp_announce >> echo 1> /proc/sys/net/ipv4/conf/all/arp_ignore >> echo 2> /proc/sys/net/ipv4/conf/all/arp_announce >> >> #----------mini-rc.lvs_dr-realserver------------------ >> >> >> Am I missing something? >> I found it awkward it server1 does not give a banner..I think LVS sees >> the server up (server1) but something goes wrong with the return traffic >> so that is perhaps why I sometimes get the 'Unable to connect to remote >> host: No route to host' >> >> How can I troubleshoot and confirm this? >> >> Kind Regards, >> >> Michiel >> >> -------- Original Message -------- >> Subject: Re: [lvs-users] question about LVS >> From: Michiel van Es<[email protected]> >> To: LinuxVirtualServer.org users mailing list. >> <[email protected]> >> Date: 05/03/2010 02:39 PM >> >> >>> >>> -------- Original Message -------- >>> Subject: Re: [lvs-users] question about LVS >>> From: Michael Schwartzkopff<[email protected]> >>> To: LinuxVirtualServer.org users mailing list. >>> <[email protected]> >>> Date: 05/03/2010 02:34 PM >>> >>> >>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es: >>>> >>>>> So to get it right: >>>>> >>>>> On the director: >>>>> >>>> net.ipv4.ip_forward = 1 >>>>> >>>>> On the real servers: >>>>> >>>> net.ipv4.conf.all.arp_ignore = 1 >>>>> >>>> net.ipv4.conf.eth0.arp_ignore = 1 >>>>> >>>> net.ipv4.conf.all.arp_announce = 2 >>>>> >>>> net.ipv4.conf.eth0.arp_announce = 2 >>>>> >>>>> No forwarding on the real servers right? >>>>> >>>> Correct >>>> >>> Thanks. >>> >>> I still got the same results: >>> >>> I only connect to server2 and never to server1, also 1 of the 2 times I >>> get a 'No route to host': >>> >>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>> Trying 194.145.200.87... >>> Connected to 194.145.200.87. >>> Escape character is '^]'. >>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>> quit >>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>> Connection closed by foreign host. >>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>> Trying 194.145.200.87... >>> telnet: Unable to connect to remote host: No route to host >>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>> Trying 194.145.200.87... >>> Connected to 194.145.200.87. >>> Escape character is '^]'. >>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>> quit >>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>> Connection closed by foreign host. >>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>> Trying 194.145.200.87... >>> telnet: Unable to connect to remote host: No route to host >>> >>> >>> >>>> >>> _______________________________________________ >>> Please read the documentation before posting - it's available at: >>> http://www.linuxvirtualserver.org/ >>> >>> LinuxVirtualServer.org mailing list - [email protected] >>> Send requests to [email protected] >>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >>> >> _______________________________________________ >> Please read the documentation before posting - it's available at: >> http://www.linuxvirtualserver.org/ >> >> LinuxVirtualServer.org mailing list - [email protected] >> Send requests to [email protected] >> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >> > > Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25? > Sounds as though the host at .171 is either a) not listening on port 25 > or b) firewall rules (iptables) are preventing the connection from being > established. From experience, both will cause 'no route to host' errors. Both are working and listening and available from the LVS-DR: r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 Trying 194.145.200.17... Connected to server1.pcintelligence.nl. Escape character is '^]'. 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP quit 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl Connection closed by foreign host. r...@vps704:~/scripts# telnet server2.pcintelligence.nl 25 Trying 194.145.200.171... Connected to server2.pcintelligence.nl. Escape character is '^]'. 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP quit 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl Connection closed by foreign host. Kind regards, Michiel > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
