-------- Original Message -------- Subject: Re: [lvs-users] question about LVS From: L.S. Keijser <[email protected]> To: LinuxVirtualServer.org users mailing list. <[email protected]> Date: 05/04/2010 11:19 AM
> On Tue, 2010-05-04 at 10:42 +0200, Michiel van Es wrote: >> I started from scratch, I can not reinstall a whole server from scratch. > > I didn't say that. I repeated Graeme's suggestion to remove all traces > from LVS configuration from your servers and start over again... without > making use of heartbeat and/or ldirector. I am now using LVS with a simple script on the LVS DR and the 2 real servers so all tweaks and arptable issues are in 1 bash script. That script is called at startup. > >> The real server are a minimum. >> If you got a problem on a server you won't suggest your customers to >> reainstall their complete server right? :) > > I do, if the customer doesn't know what he's doing and starts to change > configuration parameters that he doesn't fully understand. It's often > quicker to come to a solution that way without having to troubleshoot > user-caused errors. It is quicker to reinstall a server with cherokee with websites , SSL, Mysql replication, Gluster node and Qmail then trying to find the issue with the arp table? > > This is a quite basic LVS setup. There have been over 20 mails the last > couple of days from you and people trying to help you. If you can't get > it working by now, i fear that your network knowledge might not be up to > par for understanding LVS. I used the basic installation. The basic documentation is 'basic'..so my changes are also 'basic'. My network knowledge is also basic..I am not a routing guru but when I read the several DR wiki pages..the changes on the real servers are 2 or 3 steps..you don't have to be an expert for that. If there is something wrong it is perhaps something with iptables, routing or arptables. > > >> If I have an ARP problem, I could troubleshoot it right? >> I have a working LVS director and a working real server (server2) >> I used the mini howto for the real server and it is working on one >> server and not on the other server. > > Maybe at some point in time you were following the HOWTO, but i see from > your previous posts that you're using ldirector and heartbeat to do > things for you that you don't actually understand. How are you going to > troubleshoot that? ldirector and heartbeat are off..I am just now using ipvadm (see my earlier posts). If you want I can post the scripts/settings I use on my LVS Dr and on the real servers. They are just small bash scripts from 20 lines or such..a LVS DR setup isn't that many lines of changes. > > Anyway (final attempt), from what you describe it's either the ARP > problem or a firewall problem. If you can connect from a client directly > to port 25 on the non-working realserver, it's probably the former. > Forget about sysctl.conf for a moment, take down the loopback device, > then set the correct /proc parameters by setting them manually (echo > value> /proc/.../arp_announce|ignore) and then bring up the loopback > device again without making use of the ifup script. I've been there, this is how I set up my real servers: #!/bin/bash echo "0" >/proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce #arptables -F #arptables -A IN -d 194.145.200.87 -j DROP #arptables -A OUT -s 194.145.200.87 -j mangle --mangle-ip-s 194.145.200.171 /sbin/ifconfig lo:110 194.145.200.87 broadcast 194.145.200.87 netmask 0xffffffff up /sbin/ifconfig lo:110 /sbin/route add -host 194.145.200.87 dev lo:110 I use the exact same script on server2. Can I use tcpdump to see what is going wrong? > > > Léon Michiel > > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
