[Linux-cluster] iptables rules for LVS-DR cluster

Johannes Russek johannes.russek at io-consulting.net
Sun Apr 6 01:11:58 UTC 2008


John Garrity wrote:
> Question: how did you set the scheduler to "n"? 
>   

I didn't.
It's "rr", double-R for round-robin.

> I don't see a choice for "none" in Piranha and I tried manually editing /etc/sysconfig/ha/lvs.cf with no luck. Even when I commented out the scheduler field it seems to default to wlc. 
>
> Basically, I'm not sure that it's my iptables rules that are giving me a problem. Maybe it's what Christopher mentions below? How would I remove port 20 from LVS? 
>   

I don't think you have to do that with persistency. As I said, it works 
pretty good here.
Without much knowledge about your network, I would say it's an issue 
with the direct routing setup. I would suggest digging a little deeper 
into your network setup and checking tcpdump for the reason for the 
connection reset. (Stateful filtering at the wrong point in the setup 
comes to mind.)
Maybe you should ask at that LVS mailing list for help!
Good luck.
Johannes

> I tried using a firewall mark of 20 and have Piranha configured to use 21 as the application port. I can ftp to the real servers using their real IPs but ftps to the VIP fail with the error on the ftp client "An existing connection was forcibly closed by the remote host."
>
> Persistence is set to 20