Mailing List Archive

ultramonkey/lvs/ldirectord/dns woes
Hey folks, I've been trying to debug this problem I have, and so far no
luck :(

Sorry if this isn't _directly_ lvs related, but since
ultramonkey doesn't seem to have been updated in a while,
I thought I'd try to get help here first.

I installed ultramonkey 1.0.2beta0, kernel 2.4.0, lvs 0.2.4, iptables 1.2
without a hitch. I've got a node responding on tcp
ports 80,443,21 using masquerading, but udp port 53
doesn't seem to want to accept connections.

I currently have only one node, but if I can get
this setup I will be able to free up some machines to add
more. So this setup is pretty basic, one monitor, one node.

(no ha, no load balancing)

my setup:

Router box (aka linux director)

/sbin/ifconfig lo 127.0.0.1
/sbin/ifconfig eth0 216.218.7.2 netmask 255.255.255.0
/sbin/ifconfig eth1 10.0.0.1 netmask 255.0.0.0
/sbin/route add default gw 216.218.7.1 eth0
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
/sbin/route add -net 10.0.0.0 netmask 255.0.0.0 eth1
/sbin/ifconfig eth0:0 216.218.7.3
/usr/local/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo "16384" > /proc/sys/net/ipv4/ip_conntrack_max

Node 1 (first of many hopefully)

/sbin/ifconfig lo 127.0.0.1
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
/sbin/ifconfig eth0 10.0.1.1 broadcast 10.0.0.0 netmask 255.0.0.0
/sbin/route add default gw 10.0.0.1 netmask 0.0.0.0 metric 1

ncftpd,apache,etc TCP
tinydns (djbdns) - UDP


My router/firewall is set up to route traffic to 10.0.0.0/8 through
216.218.7.2


Here's my ldirectord config:

checktimeout=30
checkinterval=30

## HTTP
virtual=216.218.7.3:80
fallback=127.0.0.1:80
real=10.0.1.1:80 masq
service=http
request=".ha"
receive="ha"
scheduler=wlc
persistent=600
protocol=tcp

## HTTPS
virtual=216.218.7.3:443
fallback=127.0.0.1:443
real=10.0.1.1:443 masq
service=https
request=".ha"
receive="ha"
scheduler=wlc
persistent=600
protocol=tcp

## FTP
virtual=216.218.7.3:21
fallback=127.0.0.1:21
real=10.0.1.1:21 masq
service=ftp
request="ha"
receive="ha"
login="ha"
passwd="secret"
scheduler=wlc
persistent=600
protocol=tcp

## DNS (UDP)
virtual=216.218.7.3:53
fallback=127.0.0.1:53
real=10.0.1.1:53 masq
service=none
scheduler=wlc
protocol=udp


For some reason, this setup doesn't want to make the dns service go up.
Here's what I get in the logs:
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting Linux Director Daemon
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:80
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:80 (127.0.0.1:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:443
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:443 (127.0.0.1:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:21
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:21 (127.0.0.1:21)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding virtual server: 216.218.7.3:53
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Starting fallback server for: 216.218.7.3:53 (127.0.0.1:53)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:80 (216.218.7.3:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:80 (127.0.0.1:80)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:443 (216.218.7.3:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:443 (127.0.0.1:443)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Adding real server: 10.0.1.1:21 (216.218.7.3:21)
[Thu Feb 22 01:15:25 2001|ldirectord.cf] Turning off fallback server for: 216.218.7.3:21 (127.0.0.1:21)


After this didn't work, I modified the ldirectord program, added a new
function called check_dns

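sub check_dns {
    my ($v, $r) = @_;
    use Net::DNS;    # loaded at compile time even though it sits inside the sub
    my $res = Net::DNS::Resolver->new;
    my $query;

    eval {
        local $SIG{'ALRM'} = sub { die "timeout\n"; };
        alarm($$v{checktimeout});
        # Ask the real server directly instead of the system resolvers
        $res->nameservers($$r{server});
        $query = $res->search("www.test.org"); ## my test domain...
        alarm(0);
    };
    alarm(0);    # make sure no alarm is left pending if the eval died

    # $@ holds the error raised inside the eval block
    if ($@ eq "timeout\n") {
        service_set($v, $r, "down");
        return;
    }

    if ($query) {
        # Any A record in the answer section marks the real server as up
        foreach my $rr ($query->answer) {
            next unless $rr->type eq "A";
            service_set($v, $r, "up");
            return;
        }
    }

    service_set($v, $r, "down");
}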


changed a bit of code to accommodate the new service type,
changed the config file and put service=dns


after stopping and restarting ldirectord with my new code and config,
I get:
ipvsadm -L -n
IP Virtual Server version 0.2.4 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 216.218.7.3:21 wlc persistent 600
-> 10.0.1.1:21 Masq 1 0 0
UDP 216.218.7.3:53 wlc
-> 127.0.0.1:53 Local 1 0 0
TCP 216.218.7.3:80 wlc persistent 600
-> 10.0.1.1:80 Masq 1 0 0
TCP 216.218.7.3:443 wlc persistent 600
-> 10.0.1.1:443 Masq 1 0 0


which is exactly the same as if I hadn't modified anything at all :(

dns lookups to the node work fine (from any machine on my network).

# nslookup
> server 10.0.1.1
Default Server: [10.0.1.1]
Address: 10.0.1.1

> www.test.org
Server: [10.0.1.1]
Address: 10.0.1.1

Name: www.test.org
Address: 216.218.7.3


I'm a bit stumped as to what's going wrong here, so any help would be
appreciated.

I would also be interested in finding out if anyone has gotten qmail smtp
to work in a cluster-type of environment, and how to do it
(qmtp/qmail-mini?)


Regards,



--
Mark Steele
Archduke research and development
Inet Technologies Inc.
msteele@inet-interactif.com

010110010110111101110101001000000110000101110010011001010010000001100100011101010110110101100010
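
Added example, not part of the original post and not ldirectord code: a small Python parser for the `ipvsadm -L -n` table shown in the message, which reports virtual services that have no real server in rotation. It assumes, as in this configuration, that a destination with forward method `Local` is the ldirectord fallback on the director itself; the function names are illustrative.

```python
import re

# Sample copied from the `ipvsadm -L -n` output in the post above.
SAMPLE = """\
IP Virtual Server version 0.2.4 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 216.218.7.3:21 wlc persistent 600
-> 10.0.1.1:21 Masq 1 0 0
UDP 216.218.7.3:53 wlc
-> 127.0.0.1:53 Local 1 0 0
TCP 216.218.7.3:80 wlc persistent 600
-> 10.0.1.1:80 Masq 1 0 0
TCP 216.218.7.3:443 wlc persistent 600
-> 10.0.1.1:443 Masq 1 0 0
"""

# Header lines match neither pattern: they do not start with TCP/UDP,
# and "RemoteAddress:Port" does not start with a digit.
VIRTUAL = re.compile(r"^(TCP|UDP)\s+(\S+:\d+)\s+(\S+)")
REAL = re.compile(r"^\s*->\s+(\d\S*:\d+)\s+(\S+)\s+(\d+)")

def parse_ipvsadm(text):
    """Return {(proto, vip:port): [(real, forward, weight), ...]}."""
    table, current = {}, None
    for line in text.splitlines():
        m = VIRTUAL.match(line)
        if m:
            current = (m.group(1), m.group(2))
            table[current] = []
            continue
        m = REAL.match(line)
        if m and current is not None:
            table[current].append((m.group(1), m.group(2), int(m.group(3))))
    return table

def degraded_services(text):
    """Virtual services with no usable real server: no destinations, only
    zero-weight ones, or only the director itself (assumed fallback, Local)."""
    bad = []
    for service, reals in parse_ipvsadm(text).items():
        usable = [r for r in reals if r[1] != "Local" and r[2] > 0]
        if not usable:
            bad.append(service)
    return bad

if __name__ == "__main__":
    for proto, vip in degraded_services(SAMPLE):
        print(f"{proto} {vip}: no real server in rotation (fallback or empty)")
```

On the table from the post this reports only the UDP 216.218.7.3:53 service, which is still pointing at the 127.0.0.1:53 fallback.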