<snip> >>>> >>>>> >>>>> -------- Original Message -------- >>>>> Subject: Re: [lvs-users] question about LVS >>>>> From: Michael Schwartzkopff<[email protected]> >>>>> To: LinuxVirtualServer.org users mailing list. >>>>> <[email protected]> >>>>> Date: 05/03/2010 02:34 PM >>>>> >>>>> >>>>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es: >>>>>> >>>>>>> So to get it right: >>>>>>> >>>>>>> On the director: >>>>>>> >>>> net.ipv4.ip_forward = 1 >>>>>>> >>>>>>> On the real servers: >>>>>>> >>>> net.ipv4.conf.all.arp_ignore = 1 >>>>>>> >>>> net.ipv4.conf.eth0.arp_ignore = 1 >>>>>>> >>>> net.ipv4.conf.all.arp_announce = 2 >>>>>>> >>>> net.ipv4.conf.eth0.arp_announce = 2 >>>>>>> >>>>>>> No forwarding on the real servers right? >>>>>>> >>>>>> Correct >>>>>> >>>>> Thanks. >>>>> >>>>> I still got the same results: >>>>> >>>>> I only connect to server2 and never to server1, also 1 of the 2 >>>>> times I >>>>> get a 'No route to host': >>>>> >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> Connected to 194.145.200.87. >>>>> Escape character is '^]'. >>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>> quit >>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>> Connection closed by foreign host. >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> telnet: Unable to connect to remote host: No route to host >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> Connected to 194.145.200.87. >>>>> Escape character is '^]'. >>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>> quit >>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>> Connection closed by foreign host. >>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>> Trying 194.145.200.87... >>>>> telnet: Unable to connect to remote host: No route to host >>>>> >>>>> > <snip> >>> >>> Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25? >>> Sounds as though the host at .171 is either a) not listening on port 25 >>> or b) firewall rules (iptables) are preventing the connection from being >>> established. From experience, both will cause 'no route to host' errors. >> >> Both are working and listening and available from the LVS-DR: >> >> r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 >> Trying 194.145.200.17... >> Connected to server1.pcintelligence.nl. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl >> Connection closed by foreign host. >> r...@vps704:~/scripts# telnet server2.pcintelligence.nl 25 >> Trying 194.145.200.171... >> Connected to server2.pcintelligence.nl. >> Escape character is '^]'. >> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >> quit >> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >> Connection closed by foreign host. >> >> Kind regards, >> >> Michiel >> >>> > > What is the output of the 'ipvsadm' command on the director? Please > reply with the output pasted here or on the web (e.g. pastebin). >
I also found out that it is the real server server1 which gives the problem. When I do an iptables -F on the server1 real server, a telnet to tje load balancer takes a very long time and then dies: mich...@wmichiele:~$ telnet 194.145.200.87 25 Trying 194.145.200.87... telnet: Unable to connect to remote host: Connection timed out When I start the IPtables service: I get an: mich...@wmichiele:~$ telnet 194.145.200.87 25 Trying 194.145.200.87... telnet: Unable to connect to remote host: No route to host But I don't understand it, the LVS DR is capable of connecting to the smtp port. Perhaps some routing or conntrack issues? Where should I look on server1 or the LVS-dr ? Kind regards, Michiel _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
