Mailing List Archive

[lvs-users] ipvsadm tun setup
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi all,

I have a questions about ipvsadm setup with a tunnel setup. On
the director is the tunnel setup by the ipvsadm process? i.e there is
no need on the director to do a "ip add tunnel mode ipip ..."?

I cannot see a tunnel created by the ipvsadm process with "ip tunnel
show"? How can I do a tcpdump to see what is happening on that tunnel?

How can I use my standard network troubleshooting tools to tell what
is going on? There is no device I can listen on such as tunl0?

thanks
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCgAGBQJUyVPcAAoJEM+E/JKBmb2D/bAIALaFRsn0CnI2bblJk0vzlkDh
N15V3HQTzJO8Whnj9TIgKV+4z2nDOVe/huM+2fDbxUv7uiKYV++MTOSERgipB1pU
8dRHOEh3onK6Ix0Xl+2FAvfrO0xLucNh+x0I+7FnEqY8YWhoqY26KuIKqWzshY2A
l45SM3cA2PEw6EhudDDotqZhncbAp9Mt5iZnNDK6P5UyMM4/160dOOoPJSKQfG4w
z3kEsOK7chLHkRJhoz2P/VOoALLqoh6HvQenG9KdunSe4n8B2d7HqApvtMIf4ttf
dFRWcryMwoMGTGbc0Qysp4nISONiu9i964SlOgnUKAW8YfU+oZhtNRF3wAXqXRM=
=78CV
-----END PGP SIGNATURE-----

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Re: [lvs-users] ipvsadm tun setup [ In reply to ]
LVS does the encapsulation naively - there is no tunnel interface.

If you do packet captures on the interface pointing to your real server
you'll see the outgoing IPIP encapsulated packets.

On 1/28/15 4:25 PM, Mark Clarke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi all,
>
> I have a questions about ipvsadm setup with a tunnel setup. On
> the director is the tunnel setup by the ipvsadm process? i.e there is
> no need on the director to do a "ip add tunnel mode ipip ..."?
>
> I cannot see a tunnel created by the ipvsadm process with "ip tunnel
> show"? How can I do a tcpdump to see what is happening on that tunnel?
>
> How can I use my standard network troubleshooting tools to tell what
> is going on? There is no device I can listen on such as tunl0?
>
> thanks
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBCgAGBQJUyVPcAAoJEM+E/JKBmb2D/bAIALaFRsn0CnI2bblJk0vzlkDh
> N15V3HQTzJO8Whnj9TIgKV+4z2nDOVe/huM+2fDbxUv7uiKYV++MTOSERgipB1pU
> 8dRHOEh3onK6Ix0Xl+2FAvfrO0xLucNh+x0I+7FnEqY8YWhoqY26KuIKqWzshY2A
> l45SM3cA2PEw6EhudDDotqZhncbAp9Mt5iZnNDK6P5UyMM4/160dOOoPJSKQfG4w
> z3kEsOK7chLHkRJhoz2P/VOoALLqoh6HvQenG9KdunSe4n8B2d7HqApvtMIf4ttf
> dFRWcryMwoMGTGbc0Qysp4nISONiu9i964SlOgnUKAW8YfU+oZhtNRF3wAXqXRM=
> =78CV
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
> Send requests to lvs-users-request@LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Re: [lvs-users] ipvsadm tun setup [ In reply to ]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 29/01/2015 00:27, David Coulson wrote:
> LVS does the encapsulation naively - there is no tunnel interface.
>
> If you do packet captures on the interface pointing to your real
> server you'll see the outgoing IPIP encapsulated packets.
>

Thanks for the reply. I do not get any packets on the outgoing
interface (eth0) for the IPIP protocol. There is only 1 nic.

"tcpdump -i eth0 "ip proto \ip" => not results.

I ran the following commands.

ipvsadm -A -t VIP -p -s wlc
ipvasadm -a -t VIP -r RIP -i
ip a a VIP/32 dev eth0

Output of ipvsadm -L


Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP VIP:0 wlc persistent 360
-> RIP:0 Tunnel 1 0 2


The server has a single NIC. IPtables allows for all outgoing and
forwarded connections.



> On 1/28/15 4:25 PM, Mark Clarke wrote: Hi all,
>
> I have a questions about ipvsadm setup with a tunnel setup. On the
> director is the tunnel setup by the ipvsadm process? i.e there is
> no need on the director to do a "ip add tunnel mode ipip ..."?
>
> I cannot see a tunnel created by the ipvsadm process with "ip
> tunnel show"? How can I do a tcpdump to see what is happening on
> that tunnel?
>
> How can I use my standard network troubleshooting tools to tell
> what is going on? There is no device I can listen on such as
> tunl0?
>
> thanks
>>
>> _______________________________________________ Please read the
>> documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list -
>> lvs-users@LinuxVirtualServer.org Send requests to
>> lvs-users-request@LinuxVirtualServer.org or go to
>> http://lists.graemef.net/mailman/listinfo/lvs-users
>
>
> _______________________________________________ Please read the
> documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list -
> lvs-users@LinuxVirtualServer.org Send requests to
> lvs-users-request@LinuxVirtualServer.org or go to
> http://lists.graemef.net/mailman/listinfo/lvs-users
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCgAGBQJUycKnAAoJEM+E/JKBmb2DwqEH/it9NtNqvY2HezRjPt6npmpy
2JU9zpEkFuL2+kkK2LHYR1n6qAEcyk/5vmWz0yU9XeEGUoQ/zUKkrMZKwWmOJSdr
TdH7kKwzTe5xKCIA3PZNAJ00YrAmKvxIsdumj+dp/U1RGkU9b0OPqV940P4wESBm
7zfuXp3YsUAfD8QK+cc4a/wfdE8c59VSoQ2VAzOjLJuoAaklld4IIXVXXBXMLHD5
dKsNm5N+TqI8VOQ5PoeawHVZP4ncJIVO8jA7nGP33tk9BoWFeIdEVw5SNGeZzEeF
6HnPEwg5pK3KQlSE/L4fxAAaG896tr0zlpWtg5Akr+W6FPGZg2a/59P2C+nkZ+o=
=VE8C
-----END PGP SIGNATURE-----

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users