[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-virtual-server
Subject:    [lvs-users] NAT and service on internal VIP cannot be reached from
From:       Bachman Kharazmi <bahkha () gmail ! com>
Date:       2010-04-26 22:32:09
Message-ID: j2o1ce16a2c1004261532m8b3c210am2ade18929f3bd9ba () mail ! gmail ! com
[Download RAW message or body]

Hi

I have a LVS director running NAT, with keepalived. Two Virtual IPs,
one external and one internal: 192.168.99.200.
The internal IP is used as GW for the realhosts, and it works. I can
ping the internal VIP as well.

The configuration looks like:

virtual_server 192.168.99.200 80 {
  delay_loop 30
    lb_algo wlc
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server http://127.0.0.1 80

    real_server  80 {
      weight 1
        TCP_CHECK {
          connect_timeout 3
        }
    }
  real_server 192.168.99.30 80 {
    weight 1
      TCP_CHECK {
        connect_timeout 3
      }
  }
}

On the director:
$ ip route show
84.273.10.30/27 dev eth0  proto kernel  scope link
192.168.99.0/24 dev eth1  proto kernel  scope link  src 192.168.99.10
default via 84.273.10.31 dev eth0

On a realhost:
$ ip route show
192.168.99.0/24 dev eth0  proto kernel  scope link  src 192.168.99.60
default via 192.168.99.200 dev eth0

My realhosts can access internet, as well as I can access the
realhosts from internet through the director.
But I cannot access 192.168.99.200:80 from a realhost. Have I missed
something here? And what lb_kind should be used for a internal VIP
when the RIPs are on the same network?

Thanks,

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[prev in list] [next in list] [prev in thread] [next in thread]