Hi request is going to one real server not to both real server . Please suggest TCP 122.166.233.136:80 wlc -> 192.168.3.2:80 Masq 1 0 0 -> 192.168.3.3:80 Masq 2 0 0 TCP 122.166.233.136:5000 wlc TCP 122.166.233.136:5001 wlc TCP 122.166.233.136:5002 wlc TCP 122.166.233.136:5003 wlc TCP 122.166.233.136:5004 wlc TCP 122.166.233.136:5005 wlc TCP 122.166.233.136:5006 wlc TCP 122.166.233.136:5007 wlc TCP 122.166.233.136:5008 wlc TCP 122.166.233.136:8080 wlc
On Thu, Mar 22, 2012 at 1:54 PM, Reet Vyas <[email protected]> wrote: > Hi > this is my routing tables > > 192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 > eth1 > 122.166.233.0 0.0.0.0 255.255.255.0 U 0 0 0 > eth0 > 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 > virbr0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 > eth0 > 169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 > eth1 > 0.0.0.0 122.166.233.1 0.0.0.0 UG 0 0 0 > eth0 > > > > On Wed, Mar 21, 2012 at 7:46 PM, David Coulson <[email protected]>wrote: > >> Yes, that won't work - If squid is running on lvs router, and pointed at >> vip, it's not going to route via lvs. You can't run a lvs client on the lvs >> router, and in this case squid is the lvs client as it is proxying. >> >> Not really sure i understand your need to use squid. lvs should still >> work even if they are 'different networks' as long as your routing is setup >> properly. >> >> >> On 3/21/12 10:06 AM, Reet Vyas wrote: >> >>> I have squid on lvs router cause my real servers on diif n/w so add squid >>> proxy on lvs and gave real server ip address of my lvs router may be this >>> can be reason i cant access my application using VIP..please suggest >>> >>> On Wed, Mar 21, 2012 at 5:17 PM, David Coulson<[email protected]** >>> >wrote: >>> >>> All I see in your tcpdump is ports 22 and 443. Can you only capture the >>>> packets related to the LVS connection? You also need to do the capture >>>> on >>>> the real server, since that is probably where the issue is. >>>> >>>> >>>> On 3/21/12 3:51 AM, Reet Vyas wrote: >>>> >>>> Hi I Have reconfigured everything below are the details >>>>> >>>>> this is my ifconfig >>>>> >>>>> eth0 Link encap:Ethernet HWaddr 00:00:E8:F6:74:DA >>>>> inet addr:122.166.233.133 Bcast:122.166.233.255 >>>>> Mask:255.255.255.0 >>>>> inet6 addr: fe80::200:e8ff:fef6:74da/64 Scope:Link >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> RX packets:94433 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:130966 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:1000 >>>>> RX bytes:9469972 (9.0 MiB) TX bytes:19929308 (19.0 MiB) >>>>> Interrupt:16 Base address:0x2000 >>>>> >>>>> eth0:1 Link encap:Ethernet HWaddr 00:00:E8:F6:74:DA >>>>> inet addr:122.166.233.136 Bcast:122.166.233.255 >>>>> Mask:255.255.255.0 >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> Interrupt:16 Base address:0x2000 >>>>> >>>>> eth1 Link encap:Ethernet HWaddr 00:E0:20:14:F9:2D >>>>> inet addr:192.168.3.1 Bcast:192.168.3.255 >>>>> Mask:255.255.255.0 >>>>> inet6 addr: fe80::2e0:20ff:fe14:f92d/64 Scope:Link >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> RX packets:123718 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:148856 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:1000 >>>>> RX bytes:18738556 (17.8 MiB) TX bytes:11697153 (11.1 MiB) >>>>> Interrupt:17 Memory:60000400-600004ff >>>>> >>>>> eth1:1 Link encap:Ethernet HWaddr 00:E0:20:14:F9:2D >>>>> inet addr:192.168.3.10 Bcast:192.168.3.255 >>>>> Mask:255.255.255.0 >>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >>>>> Interrupt:17 Memory:60000400-600004ff >>>>> >>>>> eth2 Link encap:Ethernet HWaddr 00:16:76:6E:D1:D2 >>>>> UP BROADCAST MULTICAST MTU:1500 Metric:1 >>>>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0 >>>>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 >>>>> collisions:0 txqueuelen:1000 >>>>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) >>>>> Interrupt:21 Base address:0xa500 >>>>> >>>>> >>>>> and ipvsadm -ln command >>>>> >>>>> IP Virtual Server version 1.2.1 (size=4096) >>>>> Prot LocalAddress:Port Scheduler Flags >>>>> -> RemoteAddress:Port Forward Weight ActiveConn InActConn >>>>> TCP 122.166.233.136:5001 rr >>>>> FWM 80 wlc >>>>> -> 192.168.3.2:80 Masq 1 0 0 >>>>> -> 192.168.3.3:80 Masq 1 0 0 >>>>> >>>>> >>>>> >>>>> and tcpdump as u asked for tcpdump -nn >>>>> >>>>> 13:20:51.719651 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 71072, win 1842, options [nop,nop,TS val 5369796 ecr 15415484], >>>>> length 0 >>>>> 13:20:51.719666 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 76992:77344, ack 49, win 338, options [nop,nop,TS val 15415577 ecr >>>>> 5369796], length 352 >>>>> 13:20:51.723067 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 71424, win 1842, options [nop,nop,TS val 5369799 ecr 15415487], >>>>> length 0 >>>>> 13:20:51.723083 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 77344:77696, ack 49, win 338, options [nop,nop,TS val 15415581 ecr >>>>> 5369799], length 352 >>>>> 13:20:51.727503 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 71776, win 1842, options [nop,nop,TS val 5369804 ecr 15415488], >>>>> length 0 >>>>> 13:20:51.727518 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 77696:78048, ack 49, win 338, options [nop,nop,TS val 15415585 ecr >>>>> 5369804], length 352 >>>>> 13:20:51.729719 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 71984, win 1842, options [nop,nop,TS val 5369806 ecr 15415499], >>>>> length 0 >>>>> 13:20:51.729734 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 78048:78400, ack 49, win 338, options [nop,nop,TS val 15415587 ecr >>>>> 5369806], length 352 >>>>> 13:20:51.730957 IP 180.149.241.196.443> 122.166.233.133.54647: Flags >>>>> [.], >>>>> ack 3204, win 258, options [nop,nop,TS val 8618337 ecr 15415521], >>>>> length 0 >>>>> 13:20:51.730985 IP 122.166.233.133.54647> 180.149.241.196.443: Flags >>>>> [P.], >>>>> seq 3204:4628, ack 631, win 1002, options [nop,nop,TS val 15415589 ecr >>>>> 8618337], length 1424 >>>>> 13:20:51.734903 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 72336, win 1842, options [nop,nop,TS val 5369811 ecr 15415504], >>>>> length 0 >>>>> 13:20:51.734918 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 78400:79120, ack 49, win 338, options [nop,nop,TS val 15415593 ecr >>>>> 5369811], length 720 >>>>> 13:20:51.738592 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 72688, win 1842, options [nop,nop,TS val 5369815 ecr 15415517], >>>>> length 0 >>>>> 13:20:51.738608 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 79120:79472, ack 49, win 338, options [nop,nop,TS val 15415596 ecr >>>>> 5369815], length 352 >>>>> 13:20:51.744741 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [.], >>>>> ack 73200, win 1842, options [nop,nop,TS val 5369821 ecr 15415518], >>>>> length 0 >>>>> 13:20:51.744756 IP 122.166.233.133.22> 14.140.226.234.42148: Flags >>>>> [P.], >>>>> seq 79472:79824, ack 49, win 338, options [nop,nop,TS val 15415602 ecr >>>>> 5369821], length 352 >>>>> 13:20:51.748002 IP 180.149.241.196.443> 122.166.233.133.54647: Flags >>>>> [P.], >>>>> seq 631:678, ack 3204, win 258, options [nop,nop,TS val 8618339 ecr >>>>> 15415521], length 47 >>>>> 13:20:51.748016 IP 122.166.233.133.54647> 180.149.241.196.443: Flags >>>>> [.], >>>>> ack 678, win 1002, options [nop,nop,TS val 15415606 ecr 8618339], >>>>> length 0 >>>>> 13:20:51.753389 IP 14.140.226.234.42148> 122.166.233.133.22: Flags >>>>> [P.], >>>>> seq 49:97, ack 73200, win 1842, options [nop,nop,TS val 5369829 ecr >>>>> 15415518], length 48 >>>>> >>>>> On Wed, Mar 21, 2012 at 12:43 AM, Enno Gröper<enno+lvs@groeper-** >>>>> berlin.de<enno%2Blvs@groeper-**berlin.de<enno%[email protected]> >>>>> >>wrote: >>>>> >>>>> Hi, >>>>> >>>>>> Am 20.03.2012 13:15, schrieb Reet Vyas: >>>>>> >>>>>> I did that but still no luck I just want to know wat i am trying to >>>>>>> configure is correct or not .. Can i access url from VIP as >>>>>>> 192.168.3.10:8080 or not? this is the VIP of my lvs router and it is >>>>>>> working with reasl server 192.168.3.2:8080 .. >>>>>>> >>>>>>> Without knowledge about the client, we can't tell. In theory yes, it >>>>>> should work (just looking at the lvs configuration). >>>>>> For now I simply ignore your second NIC on the LVS node. >>>>>> I think you have either a 1-NIC, 2 Network LVS-NAT [1] or a One >>>>>> Network >>>>>> LVS-NAT [2]. But only you know that for sure. >>>>>> In both cases the LVS configuration is correct, but you still need >>>>>> tweaks for your network setup. >>>>>> The problem with one-arm LVS nodes is ICMP redirects. >>>>>> What happens, if you ping the client from one of your realservers? >>>>>> Is there a redirect shown? (Don't know what this looks like on >>>>>> Windows. >>>>>> But I assume, Windows ping shows such things, too) >>>>>> >>>>>> If I'm wrong with my assumption: >>>>>> What is your exact setup? >>>>>> * IP of client >>>>>> * routing table of LVS node >>>>>> >>>>>> HTH, >>>>>> Enno >>>>>> >>>>>> [1] >>>>>> >>>>>> http://www.austintek.com/LVS/****LVS-HOWTO/HOWTO/LVS-HOWTO.**LVS-**<http://www.austintek.com/LVS/**LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-**> >>>>>> NAT.html#lvs_nat_one_network_****two_nic<http://www.austintek.** >>>>>> com/LVS/LVS-HOWTO/HOWTO/LVS-**HOWTO.LVS-NAT.html#lvs_nat_** >>>>>> one_network_two_nic<http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#lvs_nat_one_network_two_nic> >>>>>> > >>>>>> [2] >>>>>> >>>>>> http://www.austintek.com/LVS/****LVS-HOWTO/HOWTO/LVS-HOWTO.**LVS-**<http://www.austintek.com/LVS/**LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-**> >>>>>> NAT.html#one_network<http://**www.austintek.com/LVS/LVS-** >>>>>> HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.**html#one_network<http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-NAT.html#one_network> >>>>>> > >>>>>> >>>>>> >>>>>> ______________________________****_________________ >>>>>> >>>>>> Please read the documentation before posting - it's available at: >>>>>> http://www.linuxvirtualserver.****org/<http://www.** >>>>>> linuxvirtualserver.org/ <http://www.linuxvirtualserver.org/>> >>>>>> >>>>>> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.** >>>>>> **org >>>>>> Send requests to lvs-users-request@****LinuxVirtualServer.org >>>>>> or go to >>>>>> http://lists.graemef.net/****mailman/listinfo/lvs-users<http://lists.graemef.net/**mailman/listinfo/lvs-users> >>>>>> <htt**p://lists.graemef.net/mailman/**listinfo/lvs-users<http://lists.graemef.net/mailman/listinfo/lvs-users> >>>>>> > >>>>>> >>>>>> ______________________________****_________________ >>>>>> >>>>> Please read the documentation before posting - it's available at: >>>>> http://www.linuxvirtualserver.****org/<http://www.** >>>>> linuxvirtualserver.org/ <http://www.linuxvirtualserver.org/>> >>>>> >>>>> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.*** >>>>> *org >>>>> Send requests to lvs-users-request@****LinuxVirtualServer.org >>>>> or go to >>>>> http://lists.graemef.net/****mailman/listinfo/lvs-users<http://lists.graemef.net/**mailman/listinfo/lvs-users> >>>>> <htt**p://lists.graemef.net/mailman/**listinfo/lvs-users<http://lists.graemef.net/mailman/listinfo/lvs-users> >>>>> > >>>>> >>>>> ______________________________**_________________ >>> Please read the documentation before posting - it's available at: >>> http://www.linuxvirtualserver.**org/<http://www.linuxvirtualserver.org/> >>> >>> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.**org >>> Send requests to lvs-users-request@**LinuxVirtualServer.org >>> or go to >>> http://lists.graemef.net/**mailman/listinfo/lvs-users<http://lists.graemef.net/mailman/listinfo/lvs-users> >>> >> > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
