LVS/NAT模型内网监听不到http请求包!
LVS/NAT模型
所有防火墙已经关闭,RealServer上的web服务器已经开启,互相都能ping通!
Director Server 配置:
Director Server 外网IP = 192.168.1.100 ==> VIP = 192.168.1.100
Director Server 内网IP = 192.168.1.1 ==> DIP = 192.168.1.1
ipvsadm -C
ipvsadm -A -t 192.168.1.100:80 -s rr
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.2:80 -m
ipvsadm -a -t 192.168.1.100:80 -r 192.168.1.3:80 -m
[root@Director ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.100:80 rr
-> 192.168.1.2:80 Masq 1 0 1
-> 192.168.1.3:80 Masq 1 0 1
Real Server 配置:
Real Server IP = 192.168.1.2 ==> RIP = 192.168.1.2 gateway = 192.168.1.1
Real Server IP = 192.168.1.3 ==> RIP = 192.168.1.3 gateway = 192.168.1.1
从外网假设IP为192.168.1.10去请求 192.168.1.2/3上的web服务器都能成功,已经保证基本环境OK!
问题:
从外网假设IP为192.168.1.10去请求,去请求VIP=192.168.1.100,在RS上监听内网网卡,已经有HTTP的SYN包发出到RS(192.168.1.2/3)去,但是在RS(192.168.1.2/3)监听,却收不到包!
如果在Director Server上去请求内网的服务器RS(192.168.1.2/3),在RS(192.168.1.2/3)能监听到包!
- firefoxbug's blog
- Log in or register to post comments
- 6148 reads