Ldirectord放在CISCO防火墙后面,不能实现负载均衡的问题
大家好!
我的Ldirectord和一台realserver放在CISCO防火墙之后,通过NAT方式提供web服务,
Ldirectord的地址是192.168.10.104,公网IP 221.174.21.116
realserver1的IP是192.168.10.112
现在在美国又部署一台web服务器realserver2,服务器的公网IP是192.174.21.1,
这三台服务器的VIP是192.168.10.120,公网IP 221.174.21.129
客户端adsl 地址为123.112.97.145
现在配置成IP tunl方式,所有的web请求服务能转发给realserver1的正常,转发给realserver2的不正常,请章博士和有这方面经验的朋友帮分析一下,问题出现在哪?该如何解决?
123.112.97.145访问221.174.21.129
tcpdump出来的数据如下
[Ldirector]# tcpdump dst 192.168.10.120
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
12:56:06.369881 IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535
12:56:09.283861 IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535
12:56:15.156085 IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535
[realserver2]# tcpdump src 221.174.21.116
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
00:55:59.579414 IP 221.174.21.116 > 192.174.21.1: IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535 (ipip-proto-4)
00:56:02.493382 IP 221.174.21.116 > 192.174.21.1: IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535 (ipip-proto-4)
00:56:08.365658 IP 221.174.21.116 > 192.174.21.1: IP 123.112.97.145.11134 > 192.168.10.120.http: S 789349072:789349072(0) win 65535 (ipip-proto-4)
[realserver2]# tcpdump dst 123.112.97.145
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
00:55:59.579428 IP 192.168.10.120.http > 123.112.97.145.11134: R 0:0(0) ack 789349073 win 0
00:56:02.493389 IP 192.168.10.120.http > 123.112.97.145.11134: R 0:0(0) ack 1 win 0
00:56:08.365665 IP 192.168.10.120.http > 123.112.97.145.11134: R 0:0(0) ack 1 win 0
Forums:
用户登录
新的论坛主题
在线用户
There are currently 0 users online.
新进会员
- jeanninemartin4054
- feng900628
- silviagrassi8639302
- buddytiegs7720244448
- twylaesmond47523
聚合
msebilly
周日, 2007-04-15 03:39
Permalink
实际上CISOCO防火墙做
实际上CISOCO防火墙做成透明模式,上面的问题可以解决,但是改动起来影响到网站的运行。
继续顶,希望高人能帮忙解决。