LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 06-10-2009, 04:06 AM   #1
justemail
LQ Newbie
 
Registered: Apr 2009
Posts: 29

Rep: Reputation: 15
How to open a port on a VIP (LVS)


I have setup a LVS server (CentOS 5.3).

It seems that all PORTS on VIP address are CLOSED. It also seems that when I OPEN a port on the Primary Virtual Server, they are opened on the physical IP address port of the server. Listed below are the IPTABLES & LVS.CF files.

While reading the iptables documentation & reviewing the iptables list below, Port 80 on both Physical & Virtual IP should be OPEN. But they are NOT.

Please go to: http://www.yougetsignal.com/tools/open-ports/ & check it out Port 80 on both PIP & VIP.

So if you have setup a LVS on CentOS 5.X (or RHEL), how do you open Port 80 (or other ports) on the VIP 65.103.190.107?

Jennifer K.

FYI: When I completely disable the firewall on the Primary Virtual Server, Port 80 (and all other ports) on the VIP become open.
-----------------
lvs.cf
serial_no = 17
primary = 65.103.190.106
primary_private = 192.168.1.1
service = lvs
backup_active = 1
backup = 65.103.190.108
backup_private = 192.168.1.2
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = nat
nat_router = 192.168.1.254 eth1:1
nat_nmask = 255.255.255.255
debug_level = NONE
monitor_links = 0
syncdaemon = 0
virtual HTTP {
active = 1
address = 65.103.190.107 eth0:1
vip_nmask = 255.255.255.255
port = 80
send = "GET / HTTP/1.0\r\n\r\n"
expect = "HTTP"
use_regex = 0
load_monitor = none
scheduler = wlc
protocol = tcp
timeout = 6
reentry = 15
quiesce_server = 0
server rs1 {
address = 192.168.1.10
active = 1
weight = 1000
}
}

----------------------
[root@vs1 ~]# /sbin/service iptables status
Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT) num target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631 8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2049 10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
12 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited [root@vs1 ~]#
 
  


Reply

Tags
lvs, open, ports, vip


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LVS - VIP Seems to be NOT Responding! justemail Linux - Networking 2 07-01-2009 03:13 AM
Piranha LVS/TUN support OR alternative web interface for configuring LVS ajitabhpandey Red Hat 0 05-18-2009 09:37 PM
best port scanner To scan open port in a network tanveer Linux - Security 8 01-21-2007 08:19 PM
VIP entry into any nightclub alexhen22 Linux - General 1 02-08-2006 11:42 AM
cannot SFTP to SUSE 9.2 box, port 22 open, can putty in though using same port. jgrady Linux - Networking 6 03-29-2005 08:44 AM


All times are GMT -5. The time now is 12:56 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration