On Thu, Jun 26, 2014 at 4:26 PM, Nilesh Govindrajan <m...@nileshgr.com> wrote: > Hello, > > I am trying to setup LVS Tun on Hetzner.de servers I have. They're > located on completely different subnets. > > Virtual IP is a failover IP offered by them, and from my discussion > with support, it seems they do support any server answering with the > failover IP irrespective of what the failover ip is routed to > currently (some isps block as it's packet spoofing). > > I have added VIP to my load balancer and then I add ssh service as follows - > > ipvsadm -A -t VIP:22 -s rr > ipvsadm -A -t VIP:22 -a -r s1 > > I have enabled ip forwarding and the iptables FORWARD chain accepts > any packet that is from or to one of my servers. > > On the real server, I have this - > > modprobe ipip > ifconfig tunl0 VIP netmask 255.255.255.255 broadcast VIP up > route add -host VIP dev tunl0 > > Now, when I try to connect to VIP:22 from outside, I can see the > packets coming to the real server in tcpdump with SYN flag. But no > packet ever seems to leave my real server. > > What am I doing wrong?
Problem sorted when I had the real ssh daemon listen on VIP instead of using netcat. Though the latter should have worked too. May be I did some mistake in using netcat. _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users