On Tue, Jul 08, 2014 at 03:42:05PM +0200, Frank Kirschner wrote:
> Hello,
> since one week I can't find out why will my LVS not work. It's a setup only
> for testing:
>
> The LVS setup after boot up:
>
> [root@lvs1 ~]# ifconfig
> eth0 Link encap:Ethernet Hardware Adresse 94:0C:6D:84:2B:3F
> inet Adresse:192.168.130.231 Bcast:192.168.130.255
> Maske:255.255.255.0
> inet6 Adresse: fe80::960c:6dff:fe84:2b3f/64
> Gültigkeitsbereich:Verbindung
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:1791 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1346 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenlänge:1000
> RX bytes:171782 (167.7 KiB) TX bytes:225413 (220.1 KiB)
>
> eth0:1 Link encap:Ethernet Hardware Adresse 94:0C:6D:84:2B:3F
> inet Adresse:192.168.130.241 Bcast:192.168.130.255
> Maske:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>
> eth1 Link encap:Ethernet Hardware Adresse 00:11:6B:62:C3:C9
> inet Adresse:192.168.13.254 Bcast:192.168.13.255
> Maske:255.255.255.0
> inet6 Adresse: fe80::211:6bff:fe62:c3c9/64
> Gültigkeitsbereich:Verbindung
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:2117 errors:0 dropped:0 overruns:0 frame:0
> TX packets:2075 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenlänge:1000
> RX bytes:1213631 (1.1 MiB) TX bytes:138309 (135.0 KiB)
>
> lo Link encap:Lokale Schleife
> inet Adresse:127.0.0.1 Maske:255.0.0.0
> inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:9 errors:0 dropped:0 overruns:0 frame:0
> TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
> Kollisionen:0 Sendewarteschlangenlänge:0
> RX bytes:540 (540.0 b) TX bytes:540 (540.0 b)
>
> ========================================================
> SELINUX is disabled
>
> ========================================================
>
> Firewall:
> [root@lvs1 ~]# service iptables status
> Tabelle: nat
> Chain PREROUTING (policy ACCEPT)
> num target prot opt source destination
>
> Chain POSTROUTING (policy ACCEPT)
> num target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
>
> Tabelle: mangle
> Chain PREROUTING (policy ACCEPT)
> num target prot opt source destination
>
> Chain INPUT (policy ACCEPT)
> num target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> num target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
>
> Chain POSTROUTING (policy ACCEPT)
> num target prot opt source destination
>
> Tabelle: filter
> Chain INPUT (policy ACCEPT)
> num target prot opt source destination
>
> Chain FORWARD (policy ACCEPT)
> num target prot opt source destination
>
> Chain OUTPUT (policy ACCEPT)
> num target prot opt source destination
>
> ===================================================
> Config:
> [root@lvs1 ~]# cat /etc/sysconfig/ha/lvs.cf
> serial_no = 34
> primary = 192.168.130.231
> service = lvs
> backup_active = 0
> backup = 0.0.0.0
> heartbeat = 1
> heartbeat_port = 539
> keepalive = 6
> deadtime = 18
> network = nat
> nat_router = 192.168.13.254 eth1
> nat_nmask = 255.255.255.0
> debug_level = NONE
> virtual http_intranet {
> active = 1
> address = 192.168.130.241 eth0:1
> vip_nmask = 255.255.255.0
> port = 80
> send = "GET / HTTP/1.0\r\n\r\n"
> expect = "HTTP"
> use_regex = 0
> load_monitor = none
> scheduler = wlc
> protocol = tcp
> timeout = 6
> reentry = 15
> quiesce_server = 0
> server v_182 {
> address = 192.168.13.182
> active = 1
> weight = 100
> }
> }
>
> =======================================================
>
> LVS Routing Table:
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 192.168.130.241:80 wlc
> -> 192.168.13.182:80 Masq 100 0 0
>
> LVS Processes:
> root 1062 0.0 0.0 2408 580 ? Ss 17:16 0:00 pulse
> root 1226 0.0 0.0 2400 812 ? Ss 17:16 0:00 /usr/sbin/lvsd --nofork -c
> /etc/sysconfig/ha/lvs.cf
> root 1230 0.0 0.0 2372 840 ? Ss 17:16 0:00 /usr/sbin/nanny -c -h
> 192.168.13.182 -p 80 -r 80 -s GET / HTTP/1.0\r\n\r\n -x HTTP -a 15 -I
> /sbin/ipvsadm -t 6 -w 100 -V 192.168.130.241 -M m -U none --lvs
> root 1360 0.4 0.1 5056 1692 tty1 S+ 17:21 0:01 watch ipvsadm
>
> ========================================================
> My tests from the LVS host:
>
> [root@lvs1 ~]# telnet 192.168.13.182 80
> Trying 192.168.13.182...
> Connected to 192.168.13.182.
> Escape character is '^]'.
> GET / HTTP/1.0\r\n\r\n
>
> HTTP/1.1 403 Forbidden
> Date: Tue, 08 Jul 2014 13:35:01 GMT
> Server: Apache/2.2.15 (CentOS)
> Accept-Ranges: bytes
> Content-Length: 5039
> Connection: close
> Content-Type: text/html
> (.....) This is the CentOS Apache start page
> => the real server is working, tested from the LVS
>
> But this is not working:
>
> [root@lvs1 ~]# telnet 192.168.130.241 80
> Trying 192.168.130.241...
> telnet: connect to address 192.168.130.241: Connection timed out
>
> The LVS seems not tranfering the traffic to the real server - but I don't
> know why.
> Can anybody help please?
What is the default route on the real server? It should be your LVS
node.
Ryan
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-requ...@linuxvirtualserver.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
