anyone? :) On 5/3/10 5:22 PM, Michiel van Es wrote: > > <snip> >>>>> >>>>>> >>>>>> -------- Original Message -------- >>>>>> Subject: Re: [lvs-users] question about LVS >>>>>> From: Michael Schwartzkopff<[email protected]> >>>>>> To: LinuxVirtualServer.org users mailing list. >>>>>> <[email protected]> >>>>>> Date: 05/03/2010 02:34 PM >>>>>> >>>>>> >>>>>>> Am Montag, 3. Mai 2010 14:31:32 schrieb Michiel van Es: >>>>>>> >>>>>>>> So to get it right: >>>>>>>> >>>>>>>> On the director: >>>>>>>> >>>> net.ipv4.ip_forward = 1 >>>>>>>> >>>>>>>> On the real servers: >>>>>>>> >>>> net.ipv4.conf.all.arp_ignore = 1 >>>>>>>> >>>> net.ipv4.conf.eth0.arp_ignore = 1 >>>>>>>> >>>> net.ipv4.conf.all.arp_announce = 2 >>>>>>>> >>>> net.ipv4.conf.eth0.arp_announce = 2 >>>>>>>> >>>>>>>> No forwarding on the real servers right? >>>>>>>> >>>>>>> Correct >>>>>>> >>>>>> Thanks. >>>>>> >>>>>> I still got the same results: >>>>>> >>>>>> I only connect to server2 and never to server1, also 1 of the 2 >>>>>> times I >>>>>> get a 'No route to host': >>>>>> >>>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>>> Trying 194.145.200.87... >>>>>> Connected to 194.145.200.87. >>>>>> Escape character is '^]'. >>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>>> quit >>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>>> Connection closed by foreign host. >>>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>>> Trying 194.145.200.87... >>>>>> telnet: Unable to connect to remote host: No route to host >>>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>>> Trying 194.145.200.87... >>>>>> Connected to 194.145.200.87. >>>>>> Escape character is '^]'. >>>>>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>>>>> quit >>>>>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>>>>> Connection closed by foreign host. >>>>>> mich...@wmichiele:~$ telnet 194.145.200.87 25 >>>>>> Trying 194.145.200.87... >>>>>> telnet: Unable to connect to remote host: No route to host >>>>>> >>>>>> >> <snip> >>>> >>>> Just curious, can you telnet from 194.145.200.87 to 194.145.200.171:25? >>>> Sounds as though the host at .171 is either a) not listening on port 25 >>>> or b) firewall rules (iptables) are preventing the connection from being >>>> established. From experience, both will cause 'no route to host' errors. >>> >>> Both are working and listening and available from the LVS-DR: >>> >>> r...@vps704:~/scripts# telnet server1.pcintelligence.nl 25 >>> Trying 194.145.200.17... >>> Connected to server1.pcintelligence.nl. >>> Escape character is '^]'. >>> 220 PCIntelligence mailserver 1 - mx1.pcintelligence.nl ESMTP >>> quit >>> 221 PCIntelligence mailserver 1 - mx1.pcintelligence.nl >>> Connection closed by foreign host. >>> r...@vps704:~/scripts# telnet server2.pcintelligence.nl 25 >>> Trying 194.145.200.171... >>> Connected to server2.pcintelligence.nl. >>> Escape character is '^]'. >>> 220 PCIntelligence mailserver 2 - mx2.pcintelligence.nl ESMTP >>> quit >>> 221 PCIntelligence mailserver 2 - mx2.pcintelligence.nl >>> Connection closed by foreign host. >>> >>> Kind regards, >>> >>> Michiel >>> >>>> >> >> What is the output of the 'ipvsadm' command on the director? Please >> reply with the output pasted here or on the web (e.g. pastebin). >> > > I also found out that it is the real server server1 which gives the problem. > When I do an iptables -F on the server1 real server, a telnet to tje > load balancer takes a very long time and then dies: > mich...@wmichiele:~$ telnet 194.145.200.87 25 > Trying 194.145.200.87... > telnet: Unable to connect to remote host: Connection timed out > > > When I start the IPtables service: > I get an: > mich...@wmichiele:~$ telnet 194.145.200.87 25 > Trying 194.145.200.87... > telnet: Unable to connect to remote host: No route to host > > > But I don't understand it, the LVS DR is capable of connecting to the > smtp port. > Perhaps some routing or conntrack issues? > Where should I look on server1 or the LVS-dr ? > > Kind regards, > > Michiel > > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
_______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
