Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Linux Virtual Server>
  3. Users
kernel 2.4.1 with LVS patch & Netfilter
andy.gussie at efruitinternational
Feb 15, 2001, 6:59 AM
Post #1 of 7 (1120 views)
Permalink
Is their an problem with Kernel 2.4.x and NAT
We're trying to set up a NAT config using a 2.4.1 based kernel with LVS
support in kernel.
are having some difficulty in getting it working.


Here is a summary of the config

IP Virtual Server version 0.2.3 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 1.2.3.4:www rr
-> 192.168.1.4:www Masq 1 0 0

What would be the proper iptables command for this to work, or is this
not supported by the new kernel.

When I try to connect to 1.2.3.4 on port www I can see 1 in active
conection but the connection never gets through, And another thing I
exec iptables -L I don't see any changes to the chain listings. Even
though the commands never see any systax errors. iptables version v1.2.


Andy G.
Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
ja at ssi
Feb 15, 2001, 7:08 AM
Post #2 of 7 (1107 views)
Permalink
Hello,

On Thu, 15 Feb 2001, Andy Gussie wrote:

> Is their an problem with Kernel 2.4.x and NAT
> We're trying to set up a NAT config using a 2.4.1 based kernel with LVS
> support in kernel.
> are having some difficulty in getting it working.
>
>
> Here is a summary of the config
>
> IP Virtual Server version 0.2.3 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 1.2.3.4:www rr
> -> 192.168.1.4:www Masq 1 0 0
>
> What would be the proper iptables command for this to work, or is this
> not supported by the new kernel.

No netfilter commands are needed. What netfilter commands
you use?

> When I try to connect to 1.2.3.4 on port www I can see 1 in active
> conection but the connection never gets through, And another thing I
> exec iptables -L I don't see any changes to the chain listings. Even

You see one active or inactive connection? Or the both are 0s?

> though the commands never see any systax errors. iptables version v1.2.
>
>
> Andy G.


Regards

--
Julian Anastasov <ja@ssi.bg>
Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
ja at ssi
Feb 17, 2001, 2:21 AM
Post #3 of 7 (1103 views)
Permalink
Hello,

On Thu, 15 Feb 2001, Andy Gussie wrote:

>
> Is their an problem with Kernel 2.4.x and NAT
> We're trying to set up a NAT config using a 2.4.1 based kernel with LVS
> support in kernel.

Andy, I just tried LVS-NAT 0.2.4 with 2.4.2pre3 and it is working,
so you can try again your setup.

> are having some difficulty in getting it working.
> Andy G.


Regards

--
Julian Anastasov <ja@ssi.bg>
Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
andy.gussie at efruitinternational
Feb 19, 2001, 1:47 PM
Post #4 of 7 (1105 views)
Permalink
Could you please send me a detail sample config of your installation.
Thank you.

Attached you will find a diagram of what I am trying to do.



Julian Anastasov wrote:

> Hello,
>
> On Thu, 15 Feb 2001, Andy Gussie wrote:
>
> >
> > Is their an problem with Kernel 2.4.x and NAT
> > We're trying to set up a NAT config using a 2.4.1 based kernel with LVS
> > support in kernel.
>
> Andy, I just tried LVS-NAT 0.2.4 with 2.4.2pre3 and it is working,
> so you can try again your setup.
>
> > are having some difficulty in getting it working.
> > Andy G.
>
> Regards
>
> --
> Julian Anastasov <ja@ssi.bg>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
> Send requests to lvs-users-request@LinuxVirtualServer.org
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users

Attached Files:

Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
idf at weewannabe
Feb 19, 2001, 3:30 PM
Post #5 of 7 (1103 views)
Permalink
Julian,

I love it!

This kind of handholding, _IMHO_, is what should be in the HowTo's,
inclusing the nice diagram that the gentleman included. This can be done in
.pdf, etc.

Thanks a MILLION.

Regards,

Ivan
----- Original Message -----
From: "Julian Anastasov" <ja@ssi.bg>
To: "Andy Gussie" <andy.gussie@efruitinternational.com>
Cc: <lvs-users@LinuxVirtualServer.org>
Sent: Monday, February 19, 2001 6:26 PM
Subject: Re: kernel 2.4.1 with LVS patch & Netfilter


>
> Hello Andy,
>
> On Mon, 19 Feb 2001, Andy Gussie wrote:
>
> > Could you please send me a detail sample config of your installation.
> > Thank you.
> >
> > Attached you will find a diagram of what I am trying to do.
>
> LVS1:
>
> ifconfig eth0 63.120.77.X
> ifconfig eth0:0 63.120.77.VIP, when LVS1 is active
> ifconfig eth1 192.168.1.1
> ifconfig eth1:0 192.168.1.5, when LVS1 is active
>
> LVS2:
>
> ifconfig eth0 63.120.77.Y
> ifconfig eth0:0 63.120.77.VIP, when LVS2 is active
> ifconfig eth1 192.168.1.2
> ifconfig eth1:0 192.168.1.5, when LVS2 is active
>
> LVS1/2:
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
> echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
> echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
> echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
> modprobe ip_vs_wlc
> ipvsadm -A -t 63.120.77.VIP:80 -s wlc
> ipvsadm -a -t 63.120.77.VIP:80 -r 192.168.1.3:80 -m
> ipvsadm -a -t 63.120.77.VIP:80 -r 192.168.1.4:80 -m
> ipvsadm -Ln
> # No ipchains/iptables commands are needed for web clusters in Linux 2.4
> # For Linux 2.2 you need:
> # ipchains -A forward -s 192.168.1.0/24 -i eth0 -j MASQ
> # For 2.4 it is optional
>
> RS1:
> ifconfig eth0 192.168.1.3
> route add default gw 192.168.1.5, this IP is floating and points
> to the current gateway
>
> RS2:
> ifconfig eth0 192.168.1.4
> route add default gw 192.168.1.5, this IP is floating and points
> to the current gateway
>
> RS1/RS2:
>
> httpd.conf:
>
> Port 80
> Listen 80
>
> # Comment:
> #BindAddress *
>
> RS1:
> <VirtualHost 192.168.1.3:80>
> ...
> </VirtualHost>
>
> RS2:
> <VirtualHost 192.168.1.4:80>
> ...
> </VirtualHost>
>
>
> Regards
>
> --
> Julian Anastasov <ja@ssi.bg>
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
> Send requests to lvs-users-request@LinuxVirtualServer.org
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>
Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
ja at ssi
Feb 19, 2001, 5:26 PM
Post #6 of 7 (1107 views)
Permalink
Hello Andy,

On Mon, 19 Feb 2001, Andy Gussie wrote:

> Could you please send me a detail sample config of your installation.
> Thank you.
>
> Attached you will find a diagram of what I am trying to do.

LVS1:

ifconfig eth0 63.120.77.X
ifconfig eth0:0 63.120.77.VIP, when LVS1 is active
ifconfig eth1 192.168.1.1
ifconfig eth1:0 192.168.1.5, when LVS1 is active

LVS2:

ifconfig eth0 63.120.77.Y
ifconfig eth0:0 63.120.77.VIP, when LVS2 is active
ifconfig eth1 192.168.1.2
ifconfig eth1:0 192.168.1.5, when LVS2 is active

LVS1/2:

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects
modprobe ip_vs_wlc
ipvsadm -A -t 63.120.77.VIP:80 -s wlc
ipvsadm -a -t 63.120.77.VIP:80 -r 192.168.1.3:80 -m
ipvsadm -a -t 63.120.77.VIP:80 -r 192.168.1.4:80 -m
ipvsadm -Ln
# No ipchains/iptables commands are needed for web clusters in Linux 2.4
# For Linux 2.2 you need:
# ipchains -A forward -s 192.168.1.0/24 -i eth0 -j MASQ
# For 2.4 it is optional

RS1:
ifconfig eth0 192.168.1.3
route add default gw 192.168.1.5, this IP is floating and points
to the current gateway

RS2:
ifconfig eth0 192.168.1.4
route add default gw 192.168.1.5, this IP is floating and points
to the current gateway

RS1/RS2:

httpd.conf:

Port 80
Listen 80

# Comment:
#BindAddress *

RS1:
<VirtualHost 192.168.1.3:80>
...
</VirtualHost>

RS2:
<VirtualHost 192.168.1.4:80>
...
</VirtualHost>


Regards

--
Julian Anastasov <ja@ssi.bg>
Re: kernel 2.4.1 with LVS patch & Netfilter [ In reply to ]
ja at ssi
Feb 19, 2001, 5:51 PM
Post #7 of 7 (1103 views)
Permalink
Hello,

On Mon, 19 Feb 2001, Ivan Figueredo wrote:

> Julian,
>
> I love it!
>
> This kind of handholding, _IMHO_, is what should be in the HowTo's,
> inclusing the nice diagram that the gentleman included. This can be done in
> .pdf, etc.

Ha-ha :) LVS_2.2.13-HOWTO, 7.1 Example VS-NAT setup

Some people have different setup, at least they use
different IP addresses :)))

> Thanks a MILLION.
>
> Regards,
>
> Ivan


Regards

--
Julian Anastasov <ja@ssi.bg>

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal