LVS-NAT problem

Barry Brimer lists at brimer.org
Tue Feb 10 15:10:00 UTC 2009


Quoting lakshmana swamy <klakshman03 at hotmail.com>:

>
>
>  Dear All
>
> I have set up an LVS setup of apache with 3 machines (RHEL-5.2). One is LVS and
> two are Real servers. I have configured through piranha. I have been facing
> the following problems.
>
>
> * When I am trying to telnet on port 80, it gives the
> following error
>
> #telnet 10.129.150.160 80
>
> Trying 10.129.150.160...
> telnet: connect to address 10.129.150.160: Connection timed out
>
> * If I am trying to browse the 10.129.150.60, the following error occurred
>
> "The connection has timed out
>  The server at 10.129.150.160 is taking too long to respond."
>
>
>
> > Here I am giving my complete setup details. Please help me out.

<snip>

I would remove the 2 iptables rules:

# /sbin/iptables -t mangle -A PREROUTING -p tcp -d 10.129.150.160/32 --dport 80 -j MARK --set-mark 80

You are setting a mark, but you are not using it.  This shouldn't be causing a
problem, but is not needed.


# /sbin/iptables -t nat -A POSTROUTING -p tcp -s 192.168.89.0/24 --sport 80 -j MASQUERADE

LVS does all of the NATing that you need for LVS connections.  You will need
similar rules to get to other network services such as DNS, to work from behind
LVS to outside network services but not for your LVS itself.

Make sure that on your LVS in /etc/sysctl.conf you have:
"net.ipv4.ip_forward = 1" .. if you do not, set that and then run "sysctl -p" as
root to enable IP forwarding.

Do not expect to be able to connect to your LVS address from behind the LVS.  It
doesn't work that way.

Hope this helps,
Barry
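
The checks suggested in the reply above, as an added example that is not part of the original message: a shell script that flags a firewall mark no IPVS service uses, a MASQUERADE rule that duplicates what LVS-NAT already does, and a missing ip_forward setting. It assumes "used" means referenced by an `ipvsadm` fwmark service (`-A -f N`); the real-server addresses, the scheduler, the DNS rule and the sysctl.conf text are constructed sample data.

```shell
#!/bin/sh
# Added example: checks a director's saved configuration against the reply.
# All sample data is constructed; real-server IPs and scheduler are made up.

# Print fwmarks set by iptables that no IPVS fwmark service (-A -f N) uses.
# $1: iptables rules in command form   $2: output of "ipvsadm -S -n"
unused_marks() {
    printf '%s\n' "$1" | sed -n 's/.*--set-mark \([0-9][0-9]*\).*/\1/p' |
    sort -u | while read -r mark; do
        printf '%s\n' "$2" | grep -Eq -- "^-A -f $mark( |\$)" || echo "$mark"
    done
}

# Print MASQUERADE rules that match replies from the virtual service port $2.
# IPVS already rewrites those packets itself in NAT mode.
redundant_masq() {
    printf '%s\n' "$1" | awk -v port="$2" '/-j MASQUERADE/ {
        for (i = 1; i < NF; i++)
            if ($i == "--sport" && $(i + 1) == port) { print; break }
    }'
}

# Succeed if sysctl.conf text ($1) has an uncommented net.ipv4.ip_forward = 1.
forwarding_enabled() {
    printf '%s\n' "$1" |
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$'
}

RULES='-t mangle -A PREROUTING -p tcp -d 10.129.150.160/32 --dport 80 -j MARK --set-mark 80
-t nat -A POSTROUTING -p tcp -s 192.168.89.0/24 --sport 80 -j MASQUERADE
-t nat -A POSTROUTING -p udp -s 192.168.89.0/24 --dport 53 -j MASQUERADE'
IPVS='-A -t 10.129.150.160:80 -s wlc
-a -t 10.129.150.160:80 -r 192.168.89.1:80 -m -w 1
-a -t 10.129.150.160:80 -r 192.168.89.2:80 -m -w 1'
SYSCTL='# constructed sysctl.conf
net.ipv4.ip_forward = 0'

echo "fwmarks set but unused by IPVS: $(unused_marks "$RULES" "$IPVS")"
echo "MASQUERADE rules IPVS makes redundant:"
redundant_masq "$RULES" 80
forwarding_enabled "$SYSCTL" || echo "net.ipv4.ip_forward is not set to 1"
```

The UDP port 53 rule is not reported, since outbound traffic from the real servers to outside services still needs its own NAT rule.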



