Red Hat Bugzilla – Bug 210618
Patch for port translation
Last modified: 2010-10-22 02:25:57 EDT
Description of problem: Features: - Adds a "port" option to real-server blocks in lvs.cf. This value defaults to the virtual service port number if specified, and port 80 if neither are specified (this is the default as is currently in piranha). This port value is passed to the "-r" argument for ipvsadm as called by nanny. - Adds the "-r" argument to nanny itself, similar to the already existing "-p" argument. The manpage for nanny has been updated to reflect this usage. - The special token "%p" has been added to nanny's external check command syntax in order to utilize the specific real-server port number in command-line-specified external check commands with nanny. Also see nanny manpage updates. Version-Release number of selected component (if applicable): 0.8.2
Created attachment 138417 [details] LVS port translation
Patch in CVS
There are two errors in my original patch submitted by Jordi Prats and found by Robert Hurst: 1) a log message spelling error 2) a missing update of rport to a log message Relative to the 0.8.2 source + original patch provided on this bug, they are: --- piranha-brenton/nanny.c 2006-10-10 08:19:06.000000000 -0500 +++ piranha-robert/nanny.c 2007-02-23 13:59:37.000000000 -0600 @@ -927,7 +927,7 @@ if (expect_str != NULL) { if (strcmp (expect_str, result) != 0) { piranha_log (flags, (char *) - "Trouble. Recieved results are not what we expected from (%s:%d)\n", + "Trouble. Received results are not what we expected from (%s:%d)\n", inet_ntoa (*remoteAddr), rport); res = 1; } else { @@ -1315,7 +1315,7 @@ /* Failover Service */ piranha_log (flags, (char *) "Remote service %s:%d is available", - inet_ntoa (*remoteAddr), port); + inet_ntoa (*remoteAddr), rport); } else if (service_type == SERV_LVS) { /* Virtual Server */ int newWeight;
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.rewrite_ports.html So, this *will not work* in anything but NAT configurations.
From the ipvsadm man page: -r, --real-server server-address Real server that an associated request for service may be assigned to. The server-address is the host address of a real server, and may plus port. Host can be either a plain IP address or a hostname. Port can be either a plain port number or the service name of port. In the case of the masquerading method, the host address is usually an RFC 1918 private IP address, and the port can be different from that of the associated service. With the tunneling and direct routing methods, port must be equal to that of the service address. For normal services, the port specified in the service address will be used if port is not specified. For fwmark services, port may be omitted, in which case the destination port on the real server will be the destination port of the request sent to the virtual service.
Yes, It only works for NAT configurations. For Direct routing or ip tunnel configurations you could set additional rules on the real servers to do port translation.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0794.html