lvs/tun问题

real-server
modprobe ipip
ifconfig tunl0 192.168.36.122 netmask 255.255.255.255 up
echo 0 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/*/arp_ignore
echo 2 > /proc/sys/net/ipv4/*/arp_announce
route add -host 192.168.36.122 dev tunl0
route路由表加与不加都一样。

LB-server
ifconfig eth0:0 192.168.36.122 netmask 255.255.255.255 up
ipvsadm -A -t 192.168.36.122:80 -s wlc
ipvsadm -a -t 192.168.36.122:80 -r 192.168.13.201 -i

client:192.168.36.105
DIP:192.168.36.106 RIP:192.168.13.201
VIP:192.168.36.122 tunl0:192.168.36.122

________
| |
| client |
|________|
CIP=192.168.36.105
|
CIP->VIP | |---------------------------------
v | |
| |
| |
v | |
| |
VIP=192.168.36.122(eth0:0, arps) |
__________ |
| | |
| director | |
|__________| |
DIP=192.168.36.106 (eth0) |
| ^ |
DIP->RIP1(CIP->VIP) | | VIP->CIP | |
v | |
__________ __________
| | | |
| R-router | R,C-Router do not | C-Router |
|__________| advertise VIP |__________|
| |
| ^ |
DIP->RIP1(CIP->VIP) | | VIP->CIP | |
v | |
| |
----------------------------------------------------
| |
| |
RIP1=192.168.13.201(eth0) RIP2=192.168.13.202(eth0)
VIP=192.168.36.122(tunl0) VIP=192.168.36.122(tunl0)
| |
_________________ ___________________
| | | |
| realserver | | realserver |
| tunl0: CIP->VIP | | |
| eth0: VIP->CIP | | |
|_________________| |___________________|

# tcpdump -i tunl0 -vv
tcpdump: listening on tunl0, link-type RAW (Raw IP), capture size 96 bytes
16:48:11.794235 IP (tos 0x0, ttl 128, id 32266, offset 0, flags [DF], proto 6, length: 48) 192.168.36.105.2117 > 192.168.36.122.http: S [tcp sum ok] 670995371:670995371(0) win 65535
16:48:14.794033 IP (tos 0x0, ttl 128, id 32270, offset 0, flags [DF], proto 6, length: 48) 192.168.36.105.2117 > 192.168.36.122.http: S [tcp sum ok] 670995371:670995371(0) win 65535
16:48:15.795246 IP (tos 0x0, ttl 255, id 1385, offset 0, flags [none], proto 1, length: 56) 192.168.13.250 > 192.168.36.122: icmp 36: host 192.168.36.105 unreachable - admin prohibited filter for IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 6, length: 48) 192.168.36.122.http > 192.168.36.105.2117: [|tcp]
16:48:20.729330 IP (tos 0x0, ttl 128, id 32277, offset 0, flags [DF], proto 6, length: 48) 192.168.36.105.2117 > 192.168.36.122.http: S [tcp sum ok] 670995371:670995371(0) win 65535
16:48:24.928591 IP (tos 0x0, ttl 255, id 1544, offset 0, flags [none], proto 1, length: 56) 192.168.13.250 > 192.168.36.122: icmp 36: host 192.168.36.105 unreachable - admin prohibited filter for IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 6, length: 48) 192.168.36.122.http > 192.168.36.105.2117: [|tcp]

请问大家这是什么问题呀?

Forums:

Your posting really steihgatrned me out. Thanks!

Help, I've been informed and I can't become ignnraot. http://fludwr.com [url=http://luhluazezms.com]luhluazezms[/url] [link=http://xbokrc.com]xbokrc[/link]

Your posting is abuoestlly on the point!