Mailing List Archive: [lvs-users] Load balancing ipsec connections

Ok. So I have gone down this path a bit further. Here is where
everything stands.

From my load balancer I can use nc and connect to udp port 500on my
ipsec termination server. Here is my lvs config for the ipsec server
behind the load balancer.

virtual ipsec {
active = 1
address = 192.168.1.10 eth0:7
vip_nmask = 255.255.255.0
fwmark = 86
port = 500
persistent = 300
use_regex = 0
load_monitor = none
scheduler = sh
protocol = udp
timeout = 5
reentry = 0
quiesce_server = 0
server ipsectest {
address = 192.168.2.10
active = 1
weight = 1
}
}

In the logs I am seeing

nanny[11139]: READ to 192.168.2.10:500 timed out

so it looks like the nanny process doesn't relize that port 500 is open.

Any ideas or suggestions?

On 02/27/2013 02:36 PM, Steve Madel wrote:
> I am trying to figure out a way to use lvs to load balance ipsec
> connections. I already have other services running smoothly on lvs
> (HTTP, HTTPS), but can't find anything about load balancing ipsec
> connections. Any ideas?
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
> Send requests to lvs-users-request@LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users