0

I follow the steps to set up load balances like:

$ sudo ipvsadm -A -t 127.0.0.1:8301 -s rr
$ sudo ipvsadm -a -t 127.0.0.1:8301 -r 127.0.0.1:8310 -m

In Ubuntu 14.04, kernel 3.13.0-44-generic #73-Ubuntu, ipvsadm v1.2.6 2008/5/15:

$ sudo ipvsadm
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port  Forward Weight ActiveConn InActConn
TCP localhost:8301 rr
-> localhost:8310       **Masq** 1 0 0

But in CentOS 6, kernel 2.6.32-504.3.3.el6.x86_64, ipvsadm v1.2.6 2008/5/15:

$ sudo ipvsadm
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port  Forward Weight ActiveConn InActConn
TCP localhost:amberon rr
-> localhost:8310       **Local** 1 0 0

Is there any difference between masquerading and local?

How can I set forward to masquerading since -m doesn't work as expected in CentOS?

Update:

When I nc -l 8310 and open another terminal telnet localhost 8301, CentOS returns Connection refused while Ubuntu works fine.

jasonz
  • 101
  • 4
  • 1) Yes, there's a huge difference between Masquerade and Local modes 2) You say that "-m doesn't work?". Does that mean you get an error message when you try? If so, what is it? 3) In your first two commands, one has sudo, the other does not. Is that a typo in posting to this site? If not, I'm surprised anything works at all. – Craig Miskell Dec 29 '14 at 19:05
  • @CraigMiskell 2) There's no error message but I set `-m` explicitly while it still returns 'Forward Local' in CentOS. Why the same commands behavior differently in Ubuntu/CentOS? 3) It's a typo. I've updated. – jasonz Dec 30 '14 at 01:30
  • http://kb.linuxvirtualserver.org/wiki/Ipvsadm claims, for the -m option: "Note: Regardless of the packet-forwarding mechanism specified, real servers for addresses for which there are interfaces on the local node will be use the local forwarding method, then packets for the servers will be passed to upper layer on the local node. This cannot be specified by ipvsadm, rather it set by the kernel as real servers are added or modified." So, it would seem to me that in your scenario using 127.0.0.1, "local" is expected, and Masq is perhaps an anomaly in Ubuntu 14.04. – Craig Miskell Dec 30 '14 at 04:48
  • Certainly expecting identical behaviour on machines with such disparate (in time/dev work) kernels as 2.6.32 and 3.13.0 is asking quite a bit. – Craig Miskell Dec 30 '14 at 04:49
  • @CraigMiskell Thanks. 'then packets for the servers will be passed to upper layer on the local node', can 'Forward Local' redirect packages? If I `nc -l 8310` and `telnet localhost 8301`, CentOS still returns 'connection refused'. – jasonz Dec 30 '14 at 06:47
  • Same issue here: CentOS 7.9 I've created a virtual server listening on 192.168.1.13:80 with real server on 127.0.0.1:49153 using masquerade: -A -t 192.168.1.13:80 -s rr -a -t 192.168.1.13:80 -r 127.0.0.1:49153 -m -w 1 Works in ubuntu 21.10. Don't know if iptables handles anything as ipvs changes packet and send it back to kernel. – Rafael Diego Nicoletti Oct 26 '21 at 17:25

0 Answers0