CLUSTERIP problems

All of lore.kernel.org
 help / color / mirror / Atom feed

* CLUSTERIP problems
@ 2005-06-28 19:40 Piotr Chytla
  2005-06-30 16:35 ` Piotr Chytla
  0 siblings, 1 reply; 3+ messages in thread
From: Piotr Chytla @ 2005-06-28 19:40 UTC (permalink / raw)
  To: netfilter

Hi 

I've problem with CLUSTERIP from 2.6.12 kernel, both nodes run debian
sarge on 2.6.12.

First node :
eth0      Link encap:Ethernet  HWaddr 00:06:29:8F:42:0D  
          inet addr:192.168.116.50  Bcast:192.168.116.127
	  Mask:255.255.255.128

iptables -A INPUT -i eth0 -p tcp -d 192.168.116.50/32 --dport 80 -j CLUSTERIP --new --hashmode sourceip --clustermac 01:23:45:67:89:AB --total-nodes 2 --local-node 1

Second node:
eth0      Link encap:Ethernet  HWaddr 00:06:29:A8:14:4D  
          inet addr:192.168.116.51  Bcast:192.168.116.127
	  Mask:255.255.255.128

iptables -A INPUT -i eth0 -p tcp -d 192.168.116.50/32 --dport 80 -j CLUSTERIP --new --hashmode sourceip --clustermac 01:23:45:67:89:AB --total-nodes 2 --local-node 2

When I've tried to connect from outside to cluster , connection fails . 
Only some SYN packets appears on input interface , but connection is not
created. 

On the first machine I have in logs only this :

hash=1 ct_hash=1 not responsible

ARP mangling patch for 2.6.12 is applied :

http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2643

/pch

-- 
Dyslexia bug unpatched sinse 1977 ...
exploit have leaked to the underground.


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: CLUSTERIP problems
  2005-06-28 19:40 CLUSTERIP problems Piotr Chytla
@ 2005-06-30 16:35 ` Piotr Chytla
  2005-07-01 23:22   ` Tobias DiPasquale
  0 siblings, 1 reply; 3+ messages in thread
From: Piotr Chytla @ 2005-06-30 16:35 UTC (permalink / raw)
  To: netfilter; +Cc: netfilter-devel

On Tue, Jun 28, 2005 at 09:40:26PM +0200, Piotr Chytla wrote:
> I've problem with CLUSTERIP from 2.6.12 kernel, both nodes run debian
> sarge on 2.6.12.
> 
> 
[..]
> On the first machine I have in logs only this :
> 
> hash=1 ct_hash=1 not responsible
> 
> ARP mangling patch for 2.6.12 is applied :
> 
> http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2643
> 
Problem was in wrong header file ipt_CLUSTERIP.h that is diffrent 
between iptables tree and 2.6.12 kernel . 

It seems that in struct ipt_clusterip_tgt_info, *config pointer 
was moved up.

First file ipt_CLUSTERIP.h.20050630 is from iptables tree second
one from 2.6.12 kernel.

--- ipt_CLUSTERIP.h.20050630    2005-03-07 15:00:35.000000000 +0100
+++ ipt_CLUSTERIP.h     2005-06-17 21:48:29.000000000 +0200
@@ -18,6 +18,7 @@
 struct ipt_clusterip_tgt_info {
 
        u_int32_t flags;
+       struct clusterip_config *config;
        
        /* only relevant for new ones */
        u_int8_t clustermac[6];
@@ -26,12 +27,6 @@
        u_int16_t local_nodes[CLUSTERIP_MAX_NODES];
        enum clusterip_hashmode hash_mode;
        u_int32_t hash_initval;
-       
-#ifdef KERNEL_64_USERSPACE_32
-       u_int64_t config;
-#else
-       struct clusterip_config *config;
-#endif
 };
 
 #endif /*_IPT_CLUSTERIP_H_target*/

/pch

-- 
Dyslexia bug unpatched sinse 1977 ...
exploit have leaked to the underground.


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: CLUSTERIP problems
  2005-06-30 16:35 ` Piotr Chytla
@ 2005-07-01 23:22   ` Tobias DiPasquale
  0 siblings, 0 replies; 3+ messages in thread
From: Tobias DiPasquale @ 2005-07-01 23:22 UTC (permalink / raw)
  To: Piotr Chytla; +Cc: netfilter-devel, netfilter

On 6/30/05, Piotr Chytla <pch@packetconsulting.pl> wrote:
> On Tue, Jun 28, 2005 at 09:40:26PM +0200, Piotr Chytla wrote:
> > I've problem with CLUSTERIP from 2.6.12 kernel, both nodes run debian
> > sarge on 2.6.12.
> >
> >
> [..]
> > On the first machine I have in logs only this :
> >
> > hash=1 ct_hash=1 not responsible
> >
> > ARP mangling patch for 2.6.12 is applied :
> >
> > http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2643
> >
> Problem was in wrong header file ipt_CLUSTERIP.h that is diffrent
> between iptables tree and 2.6.12 kernel .
> 
> It seems that in struct ipt_clusterip_tgt_info, *config pointer
> was moved up.
> 
> First file ipt_CLUSTERIP.h.20050630 is from iptables tree second
> one from 2.6.12 kernel.
> 
> --- ipt_CLUSTERIP.h.20050630    2005-03-07 15:00:35.000000000 +0100
> +++ ipt_CLUSTERIP.h     2005-06-17 21:48:29.000000000 +0200
> @@ -18,6 +18,7 @@
>  struct ipt_clusterip_tgt_info {
> 
>         u_int32_t flags;
> +       struct clusterip_config *config;
> 
>         /* only relevant for new ones */
>         u_int8_t clustermac[6];
> @@ -26,12 +27,6 @@
>         u_int16_t local_nodes[CLUSTERIP_MAX_NODES];
>         enum clusterip_hashmode hash_mode;
>         u_int32_t hash_initval;
> -
> -#ifdef KERNEL_64_USERSPACE_32
> -       u_int64_t config;
> -#else
> -       struct clusterip_config *config;
> -#endif
>  };
> 
>  #endif /*_IPT_CLUSTERIP_H_target*/

You should have used the reverse of this. The header with *config at
the bottom and the #ifdef KERNEL_64_USERSPACE_32 is the one to use
with the kernel and iptables, both.

-- 
[ Tobias DiPasquale ]
0x636f6465736c696e67657240676d61696c2e636f6d


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2005-07-01 23:22 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-06-28 19:40 CLUSTERIP problems Piotr Chytla
2005-06-30 16:35 ` Piotr Chytla
2005-07-01 23:22   ` Tobias DiPasquale

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.