-------- Original Message -------- Subject: Re: [lvs-users] question about LVS From: Ryan Manikowski <[email protected]> To: Michiel van Es <[email protected]> Date: 05/03/2010 04:42 PM
> On 5/3/2010 10:25 AM, Michiel van Es wrote: >> >> >> -------- Original Message -------- >> Subject: Re: [lvs-users] question about LVS >> From: Ryan Manikowski<[email protected]> >> To: [email protected] >> Date: 05/03/2010 04:19 PM >> >>> On 5/3/2010 9:41 AM, Michiel van Es wrote: >>>> Could it be that server1 isn't working correctly that the LVS DR does >>>> not route traffic to that server? >>>> >>>> It can connect: >>>> >>>> r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 >>>> Trying 194.145.200.17... >>>> Connected to server1.pcintelligence.nl. >>>> Escape character is '^]'. >>>> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP >>>> quit >>>> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl >>>> Connection closed by foreign host. >>>> >>>> >>>> But I keep getting forward only to real server2: >>>> >>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>> Connection closed by foreign host. >>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>> Trying 194.145.200.87... >>>> telnet: Unable to connect to remote host: No route to host >>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>> Trying 194.145.200.87... >>>> Connected to 194.145.200.87. >>>> Escape character is '^]'. >>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>> quit >>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>> Connection closed by foreign host. >>>> >>>> >>>> And because it is RR, that is perhaps why I get the first time server2 >>>> and the 2nd time server1 and I get the telnet: Unable to connect to >>>> remote host: No route to host >>>> >>>> What should I check on server1? >>>> I also tried to change the weight on the LVS DR server from server 1 to >>>> 2 so it would get more hits but no avail: >>>> >>>> I am running this on the LVS server: >>>> >>>> #!/bin/bash >>>> #---------------mini-rc.lvs_dr-director------------------------ >>>> #set ip_forward OFF for lvs-dr director (1 on, 0 off) >>>> #(there is no forwarding in the conventional sense for LVS-DR) >>>> cat /proc/sys/net/ipv4/ip_forward >>>> echo "0">/proc/sys/net/ipv4/ip_forward >>>> >>>> #director is not gw for realservers: leave icmp redirects on >>>> echo 'setting icmp redirects (1 on, 0 off) ' >>>> echo "1">/proc/sys/net/ipv4/conf/all/send_redirects >>>> cat /proc/sys/net/ipv4/conf/all/send_redirects >>>> echo "1">/proc/sys/net/ipv4/conf/default/send_redirects >>>> cat /proc/sys/net/ipv4/conf/default/send_redirects >>>> echo "1">/proc/sys/net/ipv4/conf/eth0/send_redirects >>>> cat /proc/sys/net/ipv4/conf/eth0/send_redirects >>>> >>>> #add ethernet device and routing for VIP 194.145.200.87 >>>> /sbin/ifconfig eth0:110 194.145.200.87 broadcast 194.145.200.87 netmask >>>> 255.255.255.255 >>>> /sbin/route add -host 194.145.200.87 dev eth0:110 >>>> #listing ifconfig info for VIP 194.145.200.87 >>>> /sbin/ifconfig eth0:110 >>>> >>>> #check VIP 194.145.200.87 is reachable from self (director) >>>> /bin/ping -c 1 194.145.200.87 >>>> #listing routing info for VIP 194.145.200.87 >>>> /bin/netstat -rn >>>> >>>> #setup_ipvsadm_table >>>> #clear ipvsadm table >>>> /sbin/ipvsadm -C >>>> #installing LVS services with ipvsadm >>>> #add smtp to VIP with round robin scheduling >>>> /sbin/ipvsadm -A -t 194.145.200.87:smtp -s rr >>>> >>>> #forward smtp to realserver using direct routing with weight 1 >>>> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.17 -g -w 2 >>>> #check realserver reachable from director >>>> ping -c 1 194.145.200.17 >>>> >>>> #forward smtp to realserver using direct routing with weight 1 >>>> /sbin/ipvsadm -a -t 194.145.200.87:smtp -r 194.145.200.171 -g -w 1 >>>> #check realserver reachable from director >>>> ping -c 1 194.145.200.171 >>>> >>>> #displaying ipvsadm settings >>>> /sbin/ipvsadm >>>> >>>> #not installing a default gw for LVS_TYPE vs-dr >>>> #---------------mini-rc.lvs_dr-director------------------------ >>>> >>>> >>>> And on the real servers: >>>> >>>> #!/bin/bash >>>> #----------mini-rc.lvs_dr-realserver------------------ >>>> #installing default gw 192.168.1.254 for vs-dr >>>> #/sbin/route add default gw 192.168.1.254 >>>> #showing routing table >>>> /bin/netstat -rn >>>> #checking if DEFAULT_GW 192.168.1.254 is reachable >>>> #ping -c 1 192.168.1.254 >>>> >>>> #set_realserver_ip_forwarding to OFF (1 on, 0 off). >>>> echo "0">/proc/sys/net/ipv4/ip_forward >>>> cat /proc/sys/net/ipv4/ip_forward >>>> >>>> #looking for DIP 192.168.1.9 >>>> ping -c 1 194.145.200.86 >>>> >>>> #looking for VIP (will be on director) >>>> ping -c 1 194.145.200.87 >>>> >>>> #install_realserver_vip >>>> /sbin/ifconfig lo:110 194.145.200.87 broadcast 194.145.200.87 netmask >>>> 0xffffffff up >>>> #ifconfig output >>>> /sbin/ifconfig lo:110 >>>> #installing route for VIP 194.145.200.87 on device lo:110 >>>> /sbin/route add -host 194.145.200.87 dev lo:110 >>>> #listing routing info for VIP 194.145.200.87 >>>> /bin/netstat -rn >>>> >>>> #hiding interface lo:110, will not arp >>>> #echo "1">/proc/sys/net/ipv4/conf/all/hidden >>>> #cat /proc/sys/net/ipv4/conf/all/hidden >>>> #echo "1">/proc/sys/net/ipv4/conf/lo/hidden >>>> #cat /proc/sys/net/ipv4/conf/lo/hidden >>>> echo 1> /proc/sys/net/ipv4/conf/eth0/arp_ignore >>>> echo 2> /proc/sys/net/ipv4/conf/eth0/arp_announce >>>> echo 1> /proc/sys/net/ipv4/conf/all/arp_ignore >>>> echo 2> /proc/sys/net/ipv4/conf/all/arp_announce >>>> >>>> #----------mini-rc.lvs_dr-realserver------------------ >>>> >>>> >>>> Am I missing something? >>>> I found it awkward it server1 does not give a banner..I think LVS sees >>>> the server up (server1) but something goes wrong with the return >>>> traffic >>>> so that is perhaps why I sometimes get the 'Unable to connect to remote >>>> host: No route to host' >>>> >>>> How can I troubleshoot and confirm this? >>>> >>>> Kind Regards, >>>> >>>> Michiel >>>> >>>> -------- Original Message -------- >>>> Subject: Re: [lvs-users] question about LVS >>>> From: Michiel van Es<[email protected]> >>>> To: LinuxVirtualServer.org users mailing list. >>>> <[email protected]> >>>> Date: 05/03/2010 02:39 PM >>>> >>>> >>>>> >>>>> -------- Original Message -------- >>>>> Subject: Re: [lvs-users] question about LVS >>>>> From: Michael Schwartzkopff<[email protected]> >>>>> To: LinuxVirtualServer.org users mailing list. >>>>> <[email protected]> >>>>> Date: 05/03/2010 02:34 PM >>>>> >>>>> >>>>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es: >>>>>> >>>>>>> So to get it right: >>>>>>> >>>>>>> On the director: >>>>>>> >>>> net.ipv4.ip_forward = 1 >>>>>>> >>>>>>> On the real servers: >>>>>>> >>>> net.ipv4.conf.all.arp_ignore = 1 >>>>>>> >>>> net.ipv4.conf.eth0.arp_ignore = 1 >>>>>>> >>>> net.ipv4.conf.all.arp_announce = 2 >>>>>>> >>>> net.ipv4.conf.eth0.arp_announce = 2 >>>>>>> >>>>>>> No forwarding on the real servers right? >>>>>>> >>>>>> Correct >>>>>> >>>>> Thanks. >>>>> >>>>> I still got the same results: >>>>> >>>>> I only connect to server2 and never to server1, also 1 of the 2 >>>>> times I >>>>> get a 'No route to host': >>>>> >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> Connected to 194.145.200.87. >>>>> Escape character is '^]'. >>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>> quit >>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>> Connection closed by foreign host. >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> telnet: Unable to connect to remote host: No route to host >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> Connected to 194.145.200.87. >>>>> Escape character is '^]'. >>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>> quit >>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>> Connection closed by foreign host. >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> telnet: Unable to connect to remote host: No route to host >>>>> >>>>> > <snip> >>> >>> Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25? >>> Sounds as though the host at .171 is either a) not listening on port 25 >>> or b) firewall rules (iptables) are preventing the connection from being >>> established. From experience, both will cause 'no route to host' errors. >> >> Both are working and listening and available from the LVS-DR: >> >> r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 >> Trying 194.145.200.17... >> Connected to server1.pcintelligence.nl. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl >> Connection closed by foreign host. >> r...@vps704:~/scripts# telnet server2.pcintelligence.nl 25 >> Trying 194.145.200.171... >> Connected to server2.pcintelligence.nl. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >> Connection closed by foreign host. >> >> Kind regards, >> >> Michiel >> >>> > > What is the output of the 'ipvsadm' command on the director? Please > reply with the output pasted here or on the web (e.g. pastebin). > This the output of the command: r...@vps704:~/scripts# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP ts3-87.twistspace.com:smtp rr -> mx2.pcintelligence.nl:smtp Route 1 0 0 -> mx1.pcintelligence.nl:smtp Route 2 0 0 _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
