lvs/Nat+keepalived无法转发问题，求教高手看看是什么原因，多谢！

zhangydcba

对LVS+Keepalived做如下简单测试验证：

环境：vm虚拟机，linux suse11
DR: 10.78.217.251  (因为IP紧缺，虚拟IP和真实IP共用一个 )
RealServer: 10.78.217.251/10.78.217.49

问题：在DR上访问 http://10.78.217.251  可以看到对两个realserver进行轮询。


但是在我的机器上访问http://10.78.217.251，却显示无法连接。



在我的机器上连接时， 一直处于SYN_RECV状态
linux:/etc/init.d # ipvsadm -lcn
IPVS connection entries
pro expire state       source             virtual            destination
TCP 00:58  SYN_RECV    10.66.55.117:54304 10.78.217.251:80   10.78.217.49:80
TCP 00:58  SYN_RECV    10.66.55.117:54303 10.78.217.251:80   10.78.217.245:80



linux:/etc/init.d # cat /proc/sys/net/ipv4/ip_forward
1



keepalived.conf配置如下：
! Configuration File for keepalived

global_defs {
    router_id LVS_DEVEL
}
vrrp_sync_group VGM {
    group {
        VI_1
    }
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 61
    priority 300
    advert_int 3
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.78.217.251
    }
}

virtual_server 10.78.217.251 80 {
    delay_loop 4
    lb_algo rr
    lb_kind NAT
    protocol TCP

    real_server 10.78.217.49 80 {
        weight 5
        TCP_CHECK {
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
        real_server 10.78.217.245 80 {
        weight 5
        TCP_CHECK {
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}



linux:/etc/init.d # ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
    inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:50:56:95:28:2f brd ff:ff:ff:ff:ff:ff
    inet 10.78.217.251/32 scope global eth0
    inet6 fe80::250:56ff:fe95:282f/64 scope link
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
    link/ether 00:50:56:95:28:30 brd ff:ff:ff:ff:ff:ff

linux:/etc/init.d # ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddressort Scheduler Flags
  -> RemoteAddressort           Forward Weight ActiveConn InActConn
TCP  10.78.217.251:80 rr
  -> 10.78.217.49:80              Masq    5      0          0
  -> 10.78.217.245:80             Masq    5      0          0



linux:/etc/init.d # tail -f /var/log/messages
Oct 27 17:25:21 linux Keepalived_healthcheckers[2189]: Configuration is using : 13235 Bytes
Oct 27 17:25:21 linux Keepalived_healthcheckers[2189]: Using LinkWatch kernel netlink reflector...
Oct 27 17:25:21 linux Keepalived_healthcheckers[2189]: Activating healthchecker for service [10.78.217.49]:80
Oct 27 17:25:21 linux Keepalived_healthcheckers[2189]: Activating healthchecker for service [10.78.217.245]:80
Oct 27 17:25:24 linux Keepalived_vrrp[2190]: VRRP_Instance(VI_1) Transition to MASTER STATE
Oct 27 17:25:27 linux Keepalived_vrrp[2190]: VRRP_Instance(VI_1) Entering MASTER STATE
Oct 27 17:25:27 linux Keepalived_vrrp[2190]: VRRP_Instance(VI_1) setting protocol VIPs.
Oct 27 17:25:27 linux Keepalived_vrrp[2190]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 10.78.217.251
Oct 27 17:25:27 linux Keepalived_vrrp[2190]: VRRP_Group(VGM) Syncing instances to MASTER state
Oct 27 17:25:32 linux Keepalived_vrrp[2190]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 10.78.217.251

linuxzkq

坐等高解答，最近正打算要学习LV

zhangydcba

将relaserver的网关设置为 virtualserver的DIP即可。 不能通过add default gw方式。