双网卡使用piranha配置LVS的direct模式,只有一个IP生效(双线双IP)

生产环境用的
CentOS 6.2 2.6.32-220.7.1.el6.x86_64
eth0 : 电信IP
eth1 : 联通IP

配置文件(/etc/sysconfig/ha/lvs.cf)如下:
serial_no = 23
primary = 113.74.32.22
primary_private = 192.168.1.22
service = lvs
backup_active = 1
backup = 113.74.32.23
backup_private = 192.168.1.23
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = direct
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual telcom_http {
active = 1
address = 113.74.32.28 eth0:1
vip_nmask = 255.255.255.192
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wrr
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server tel_s1 {
address = 113.74.32.24
active = 1
port = 80
weight = 1
}
server tel_s2 {
address = 113.74.32.25
active = 1
port = 80
weight = 1
}
}
virtual unicom_http {
active = 1
address = 112.97.66.28 eth1:1
vip_nmask = 255.255.255.192
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wrr
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server uni_s1 {
address = 112.97.66.24
active = 1
port = 80
weight = 1
}
server uni_s2 {
address = 112.97.66.25
active = 1
port = 80
weight = 1
}
}

结果只有电信的虚拟IP能正常访问,联通总是不通,日志里显示都是正常的,用debug启动pulse也没有发现任何错误信息。/var/log/message里的信息如下:
Apr 1 10:16:14 localhost pulse[23357]: STARTING PULSE AS MASTER
Apr 1 10:16:14 localhost pulse[23357]: backup inactive: activating lvs
Apr 1 10:16:14 localhost lvs[23359]: starting virtual service telcom_http active: 80
Apr 1 10:16:14 localhost lvs[23359]: create_monitor for telcom_http/tel_s1 running as pid 23371
Apr 1 10:16:14 localhost lvs[23359]: create_monitor for telcom_http/tel_s2 running as pid 23372
Apr 1 10:16:14 localhost lvs[23359]: starting virtual service unicom_http active: 80
Apr 1 10:16:14 localhost nanny[23371]: starting LVS client monitor for 113.74.32.28:80 -> 113.74.32.24:80
Apr 1 10:16:14 localhost nanny[23372]: starting LVS client monitor for 113.74.32.28:80 -> 113.74.32.25:80
Apr 1 10:16:14 localhost lvs[23359]: create_monitor for unicom_http/uni_s1 running as pid 23374
Apr 1 10:16:14 localhost lvs[23359]: create_monitor for unicom_http/uni_s2 running as pid 23375
Apr 1 10:16:14 localhost nanny[23371]: [ active ] making 113.74.32.24:80 available
Apr 1 10:16:14 localhost nanny[23374]: starting LVS client monitor for 112.97.66.28:80 -> 112.97.66.24:80
Apr 1 10:16:14 localhost nanny[23375]: starting LVS client monitor for 112.97.66.28:80 -> 112.97.66.25:80
Apr 1 10:16:14 localhost nanny[23372]: [ active ] making 113.74.32.25:80 available
Apr 1 10:16:14 localhost nanny[23374]: [ active ] making 112.97.66.24:80 available
Apr 1 10:16:14 localhost nanny[23375]: [ active ] making 112.97.66.25:80 available
Apr 1 10:16:19 localhost pulse[23361]: gratuitous lvs arps finished

也有老外遇到同样的问题: http://web.archiveorange.com/archive/v/NcA572tT5blNs6Bj6FCl (虽然文中例子写得不太好,但现象是一样的)

Forums:

联通IP从外部访问不进来:
# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 113.74.32.28:http wrr
-> 113.74.32.24:http Route 1 302 2484
-> 113.74.32.25:http Route 1 288 2478
TCP 112.97.66.28:http wrr
-> 112.97.66.24:http Route 1 0 0
-> 112.97.66.25:http Route 1 0 0

备注:机房内部能正常访问联通IP。