[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Linux-cluster] Regd: Iptables SNAT issue in Cluster Suite Setup



Dear All,

I have configured Cluster Suite with 2 servers
  Server 1 : 192.168.13.110 IP Address
  Server 2 : 192.168.13.179 IP Address
  Floating : 192.168.13.83 IP Address (Assumed by currently active server)

I want all snmp packets going out through the active server to be stamped with floating IP
So i have added a iptables rules as
"iptables -t nat -A POSTROUTING -p udp -s 192.168.13.179 --dport 161 -j SNAT --to-source 192.168.13.83:161 iptables -t nat -A POSTROUTING -p udp -s 192.168.13.110 --dport 161 -j SNAT --to-source 192.168.13.83:161"

I have written a script to continuously poll an agent using snmpgetnext.
This script works for some time and then snmpgetnext fails giving the following message "Fri Dec 21 19:10:20 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:10:20 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:10:20 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:10:20 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:10:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = ""
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:10:21 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:10:21 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:10:21 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:10:21 IST 2007

    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:13:20 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:13:20 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:13:21 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:13:21 IST 2007
    snmpgetnext: Failure in sendto (Operation not permitted)
    Fri Dec 21 19:13:21 IST 2007
Fri Dec 21 19:13:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:13:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:13:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:13:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" Fri Dec 21 19:13:21 IST 2007 SNMPv2-SMI::enterprises.3769.1.2.3.1.0 = "" "

If i remove the above iptables rule it works continuously and if i restarted iptables (with rule) then it works for some time
and before the same problem repeats

Can some one throw light on this particular problem

Regards
S.Balaji

P.S: Same thing happen when a rule for rsync, ssh and telnet
     i.e they works some time and some times does not
     e.g rsync,ssh and telnet iptables SNAT rule
"iptables -t nat -A POSTROUTING -p tcp -s 192.168.13.179 --dport 873 -j SNAT --to-source 192.168.13.83:873 iptables -t nat -A POSTROUTING -p tcp -s 192.168.13.179 --dport 22 -j SNAT --to-source 192.168.13.83:22 iptables -t nat -A POSTROUTING -p tcp -s 192.168.13.179 --dport 23 -j SNAT --to-source 192.168.13.83:23"
             *rsync Success* message is
              "receiving file list ... done
                Log/
                Log/20070619.dbg.zip
                Log/20070619.log.zip
                Log/20070620.dbg.zip
                Log/20070620.log.zip
                Log/20070621.dbg.zip
                Log/20070621.log.zip
                sent 190 bytes  received 211940 bytes  84852.00 bytes/sec
                total size is 211421  speedup is 1.00"
             *rsync Failure* message is
"rsync: failed to connect to 192.168.13.100: Connection timed out (110) rsync error: error in socket IO (code 10) at clientserver.c(94) "
             *ssh Failure *Message is
"ssh: connect to host 192.168.13.100 port 22: Connection timed out"
             *telnet Failure* Message is
"telnet: connect to address 192.168.13.100: Connection timed out"



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]