Re: [Linux-cluster] iptables rules for LVS-DR cluster

John Garrity wrote:
Question: how did you set the scheduler to "n"?

I didn't.
It's "rr", double-R for round-robin.

I don't see a choice for "none" in Piranha and I tried manually editing /etc/sysconfig/ha/lvs.cf with no luck. Even when I commented out the scheduler field it seems to default to wlc. Basically, I'm not sure that it's my iptables rules that are giving me a problem. Maybe it's what Christopher mentions below? How would I remove port 20 from LVS?

I don't think you have to do that with persistency. As I said, it works pretty well here. Without much knowledge about your network, I would say it's an issue with the direct routing setup. I would suggest digging a little deeper into your network setup and checking tcpdump for the reason for the connection reset (stateful filtering at the wrong point in the setup comes to mind).
Maybe you should ask on the LVS mailing list for help!
Good luck.

I tried using a firewall mark of 20 and have Piranha configured to use 21 as the application port. I can ftp to the real servers using their real IPs but ftps to the VIP fail with the error on the ftp client "An existing connection was forcibly closed by the remote host."

Persistence is set to 20

