[HaBo]
| Linux/UNIX Linuxverfechter finden hier Weggefährten. |
 |
07.02.10, 13:10
|
#1 (permalink) |
|
Senior Member
Registriert seit: 26.03.06
 |
Problem mit Linux-HA und Wireless Bridge
Hi, folgendes Szenario: Ich hab ein Cluster aus 3 VMware ESX 4.0, die getrennt durch eine Wireless Bridge (openwrt) in meinem Netzwerk hängen. Die Rechner benutze ich zum Testen von einigen Dingen, u.a. Linux HA. Linux-HA kennt eine Resource "IPaddr", die beim starten eine bestimmte konfigurierte IP Adresse zu einem Interface hinzufügt. Mit "ip addr show" kann man das auch schön sehen. Nur pingen kann ich die Adresse kaum: Code:
mathias@mini:~$ ssh root@linux-ha-01 ip addr show eth0
root@linux-ha-01's password:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:50:56:b1:7a:f2 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.210/24 brd 10.0.0.255 scope global eth0
inet 10.0.0.254/24 brd 10.0.0.255 scope global secondary eth0
inet6 fe80::250:56ff:feb1:7af2/64 scope link
valid_lft forever preferred_lft forever
mathias@mini:~$ ssh root@linux-ha-02 ip addr show eth0
root@linux-ha-02's password:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:50:56:b1:0d:86 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.211/24 brd 10.0.0.255 scope global eth0
inet6 fe80::250:56ff:feb1:d86/64 scope link
valid_lft forever preferred_lft forever
mathias@mini:~$ ping 10.0.0.254
PING 10.0.0.254 (10.0.0.254) 56(84) bytes of data.
64 bytes from 10.0.0.254: icmp_seq=9 ttl=64 time=175 ms
^C
--- 10.0.0.254 ping statistics ---
44 packets transmitted, 1 received, 97% packet loss, time 43308ms
rtt min/avg/max/mdev = 175.981/175.981/175.981/0.000 ms
mathias@mini:~$ ping 10.0.0.211
PING 10.0.0.211 (10.0.0.211) 56(84) bytes of data.
64 bytes from 10.0.0.211: icmp_seq=1 ttl=64 time=2.87 ms
^C
--- 10.0.0.211 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 2.874/2.874/2.874/0.000 ms
mathias@mini:~$ ping 10.0.0.210
PING 10.0.0.210 (10.0.0.210) 56(84) bytes of data.
64 bytes from 10.0.0.210: icmp_seq=1 ttl=64 time=1.45 ms
64 bytes from 10.0.0.210: icmp_seq=2 ttl=64 time=3.30 ms
^C
--- 10.0.0.210 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.459/2.379/3.300/0.921 ms
mathias@mini:~$
Das passiert aber _nur_ wenn ich von einem Rechner aus pinge, der nicht auf der Seite der Bridge ist, wie z.B. der "mini" im obigen Beispiel. Jetzt pinge ich mal von einem Rechner aus, der sich "hinter" der Bridge befindet, also auf der gleichen "Seite" wie die HA nodes: Code:
mathias@storage:~$ ping -c 2 10.0.0.210 PING 10.0.0.210 (10.0.0.210) 56(84) bytes of data. 64 bytes from 10.0.0.210: icmp_seq=1 ttl=64 time=3.95 ms 64 bytes from 10.0.0.210: icmp_seq=2 ttl=64 time=0.383 ms --- 10.0.0.210 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1003ms rtt min/avg/max/mdev = 0.383/2.169/3.955/1.786 ms mathias@storage:~$ ping -c 2 10.0.0.211 PING 10.0.0.211 (10.0.0.211) 56(84) bytes of data. 64 bytes from 10.0.0.211: icmp_seq=1 ttl=64 time=2.51 ms 64 bytes from 10.0.0.211: icmp_seq=2 ttl=64 time=0.386 ms --- 10.0.0.211 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1005ms rtt min/avg/max/mdev = 0.386/1.452/2.518/1.066 ms mathias@storage:~$ ping -c 2 10.0.0.254 PING 10.0.0.254 (10.0.0.254) 56(84) bytes of data. 64 bytes from 10.0.0.254: icmp_seq=1 ttl=64 time=1.06 ms 64 bytes from 10.0.0.254: icmp_seq=2 ttl=64 time=1.40 ms --- 10.0.0.254 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1004ms rtt min/avg/max/mdev = 1.064/1.233/1.403/0.173 ms mathias@storage:~$ cu serow Geändert von Serow (07.02.10 um 13:21 Uhr) |
|
   
|
|
07.02.10, 14:30
|
#2 (permalink) |
|
Moderator
 
Registriert seit: 30.09.06
|
Geht denn ein traceroute bis zum gewünschten Rechner durch?
|
|
|
|
|
07.02.10, 14:40
|
#3 (permalink) |
|
Senior Member
Themenstarter
Registriert seit: 26.03.06
|
Hi,
das traceroute sieht etwas seltsam auf dafür, dass es nur 1 hop ist / sein sollte: Code:
mathias@mini:~$ traceroute 10.0.0.254 traceroute to 10.0.0.254 (10.0.0.254), 30 hops max, 60 byte packets 1 * * * 2 * * * 3 * * * 4 * * * 5 * * * 6 * * * 7 * * * 8 * * * 9 * * * 10 * * * 11 * * * 12 * * * 13 * * * 14 * * * 15 * * * 16 * * * 17 * * * 18 * * * 19 * * * 20 * * * 21 * * * 22 * * * 23 * * * 24 * * * 25 * * * 26 * * * 27 * * * 28 * * * 29 * * * 30 * * * mathias@mini:~$ |
|
|
|
|
08.02.10, 01:08
|
#4 (permalink) |
|
Moderator
Registriert seit: 30.09.06
|
Irgendeine Firewall dazwischen, die das traceroute blocken könnte?
|
|
|
|
|
08.02.10, 09:17
|
#5 (permalink) |
|
Senior Member
Themenstarter
Registriert seit: 26.03.06
|
Hi,
im Prinzip könnte der andere openwrt router, der der die PPP Verbindung aufmacht und das WLAN bereitstellt da was vermurksen: Code:
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
21 2903 DROP all -- any any anywhere anywhere state INVALID
246K 16M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
22 1452 ACCEPT all -- lo any anywhere anywhere
5969 335K syn_flood tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
3451 201K ACCEPT tcp -- any any anywhere anywhere tcp dpt:22
115K 13M input_rule all -- any any anywhere anywhere
115K 13M input all -- any any anywhere anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
14M 13G ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
47575 3317K forwarding_rule all -- any any anywhere anywhere
47575 3317K forward all -- any any anywhere anywhere
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
497K 495M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
22 1452 ACCEPT all -- any lo anywhere anywhere
8450 1182K output_rule all -- any any anywhere anywhere
8449 1182K output all -- any any anywhere anywhere
Chain forward (1 references)
pkts bytes target prot opt in out source destination
47566 3317K zone_lan_forward all -- br-lan any anywhere anywhere
9 540 zone_wan_forward all -- ppp0 any anywhere anywhere
Chain forwarding_lan (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_wan (1 references)
pkts bytes target prot opt in out source destination
Chain input (1 references)
pkts bytes target prot opt in out source destination
113K 13M zone_lan all -- br-lan any anywhere anywhere
2311 139K zone_wan all -- ppp0 any anywhere anywhere
Chain input_lan (1 references)
pkts bytes target prot opt in out source destination
Chain input_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_wan (1 references)
pkts bytes target prot opt in out source destination
Chain output (1 references)
pkts bytes target prot opt in out source destination
8449 1182K zone_lan_ACCEPT all -- any any anywhere anywhere
5900 411K zone_wan_ACCEPT all -- any any anywhere anywhere
Chain output_rule (1 references)
pkts bytes target prot opt in out source destination
Chain reject (4 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- any any anywhere anywhere reject-with tcp-reset
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain syn_flood (1 references)
pkts bytes target prot opt in out source destination
5345 298K RETURN tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
624 37440 DROP all -- any any anywhere anywhere
Chain zone_lan (1 references)
pkts bytes target prot opt in out source destination
113K 13M input_lan all -- any any anywhere anywhere
113K 13M zone_lan_ACCEPT all -- any any anywhere anywhere
Chain zone_lan_ACCEPT (3 references)
pkts bytes target prot opt in out source destination
113K 13M ACCEPT all -- br-lan any anywhere anywhere
2549 771K ACCEPT all -- any br-lan anywhere anywhere
Chain zone_lan_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- br-lan any anywhere anywhere
0 0 DROP all -- any br-lan anywhere anywhere
Chain zone_lan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- any br-lan anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
Chain zone_lan_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- br-lan any anywhere anywhere
0 0 reject all -- any br-lan anywhere anywhere
Chain zone_lan_forward (1 references)
pkts bytes target prot opt in out source destination
47566 3317K zone_wan_ACCEPT all -- any any anywhere anywhere
0 0 forwarding_lan all -- any any anywhere anywhere
0 0 zone_lan_ACCEPT all -- any any anywhere anywhere
Chain zone_wan (1 references)
pkts bytes target prot opt in out source destination
2311 139K input_wan all -- any any anywhere anywhere
2311 139K zone_wan_DROP all -- any any anywhere anywhere
Chain zone_wan_ACCEPT (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- ppp0 any anywhere anywhere
53466 3727K ACCEPT all -- any ppp0 anywhere anywhere
Chain zone_wan_DROP (2 references)
pkts bytes target prot opt in out source destination
2311 139K DROP all -- ppp0 any anywhere anywhere
0 0 DROP all -- any ppp0 anywhere anywhere
Chain zone_wan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- any ppp0 anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
Chain zone_wan_REJECT (0 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- ppp0 any anywhere anywhere
0 0 reject all -- any ppp0 anywhere anywhere
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere 10.0.0.240 udp dpts:27000:27050
0 0 ACCEPT tcp -- any any anywhere 10.0.0.240 tcp dpts:27000:27050
0 0 ACCEPT udp -- any any anywhere 10.0.0.240 udp dpt:1200
0 0 ACCEPT tcp -- any any anywhere vcenter.mathias-ewald.invalid. tcp dpt:3389
0 0 ACCEPT tcp -- any any anywhere storage.mathias-ewald.invalid. tcp dpt:22
5 300 ACCEPT tcp -- any any anywhere www.mathias-ewald.invalid. tcp dpt:8080
4 240 ACCEPT tcp -- any any anywhere www.mathias-ewald.invalid. tcp dpt:80
0 0 forwarding_wan all -- any any anywhere anywhere
0 0 zone_wan_DROP all -- any any anywhere anywhere
Code:
Chain INPUT (policy ACCEPT 4 packets, 330 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
2755 194K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
1 69 ACCEPT all -- lo any anywhere anywhere
21 1260 syn_flood tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
27967 2405K input_rule all -- any any anywhere anywhere
27967 2405K input all -- any any anywhere anywhere
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 forwarding_rule all -- any any anywhere anywhere
0 0 forward all -- any any anywhere anywhere
0 0 reject all -- any any anywhere anywhere
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any any anywhere anywhere state INVALID
4707 691K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
1 69 ACCEPT all -- any lo anywhere anywhere
2 136 output_rule all -- any any anywhere anywhere
2 136 output all -- any any anywhere anywhere
Chain forward (1 references)
pkts bytes target prot opt in out source destination
0 0 zone_lan_forward all -- br-lan any anywhere anywhere
0 0 zone_wan_forward all -- eth0.1 any anywhere anywhere
Chain forwarding_lan (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_rule (1 references)
pkts bytes target prot opt in out source destination
Chain forwarding_wan (1 references)
pkts bytes target prot opt in out source destination
Chain input (1 references)
pkts bytes target prot opt in out source destination
27963 2404K zone_lan all -- br-lan any anywhere anywhere
0 0 zone_wan all -- eth0.1 any anywhere anywhere
Chain input_lan (1 references)
pkts bytes target prot opt in out source destination
Chain input_rule (1 references)
pkts bytes target prot opt in out source destination
Chain input_wan (1 references)
pkts bytes target prot opt in out source destination
Chain output (1 references)
pkts bytes target prot opt in out source destination
2 136 zone_lan_ACCEPT all -- any any anywhere anywhere
0 0 zone_wan_ACCEPT all -- any any anywhere anywhere
Chain output_rule (1 references)
pkts bytes target prot opt in out source destination
Chain reject (5 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- any any anywhere anywhere reject-with tcp-reset
0 0 REJECT all -- any any anywhere anywhere reject-with icmp-port-unreachable
Chain syn_flood (1 references)
pkts bytes target prot opt in out source destination
21 1260 RETURN tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50
0 0 DROP all -- any any anywhere anywhere
Chain zone_lan (1 references)
pkts bytes target prot opt in out source destination
27963 2404K input_lan all -- any any anywhere anywhere
27963 2404K zone_lan_ACCEPT all -- any any anywhere anywhere
Chain zone_lan_ACCEPT (2 references)
pkts bytes target prot opt in out source destination
27963 2404K ACCEPT all -- br-lan any anywhere anywhere
2 136 ACCEPT all -- any br-lan anywhere anywhere
Chain zone_lan_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- br-lan any anywhere anywhere
0 0 DROP all -- any br-lan anywhere anywhere
Chain zone_lan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- any br-lan anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
Chain zone_lan_REJECT (1 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- br-lan any anywhere anywhere
0 0 reject all -- any br-lan anywhere anywhere
Chain zone_lan_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 zone_wan_ACCEPT all -- any any anywhere anywhere
0 0 forwarding_lan all -- any any anywhere anywhere
0 0 zone_lan_REJECT all -- any any anywhere anywhere
Chain zone_wan (1 references)
pkts bytes target prot opt in out source destination
0 0 input_wan all -- any any anywhere anywhere
0 0 zone_wan_REJECT all -- any any anywhere anywhere
Chain zone_wan_ACCEPT (2 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- eth0.1 any anywhere anywhere
0 0 ACCEPT all -- any eth0.1 anywhere anywhere
Chain zone_wan_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- eth0.1 any anywhere anywhere
0 0 DROP all -- any eth0.1 anywhere anywhere
Chain zone_wan_MSSFIX (0 references)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- any eth0.1 anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
Chain zone_wan_REJECT (2 references)
pkts bytes target prot opt in out source destination
0 0 reject all -- eth0.1 any anywhere anywhere
0 0 reject all -- any eth0.1 anywhere anywhere
Chain zone_wan_forward (1 references)
pkts bytes target prot opt in out source destination
0 0 forwarding_wan all -- any any anywhere anywhere
0 0 zone_wan_REJECT all -- any any anywhere anywhere
cu serow |
|
|
|
|
10.02.10, 10:14
|
#6 (permalink) |
|
Registriert seit: 30.06.08
|
Hast du einfach mal ein anderes Geraet/System als Bridge probiert?
__________________
BSD Guy: Yeah! They took my code! GPL Guy: Fuck! They took my code! |
|
|
|
|
10.02.10, 11:04
|
#7 (permalink) |
|
Senior Member
Themenstarter
Registriert seit: 26.03.06
|
Hi,
nein hab ich nicht. Meinst du z.B. dd-wrt? Die Original-Firmware kann kein bridging. cu serow |
|
|
|
|
[HaBo] » Operating Systems » Linux/UNIX » Problem mit Linux-HA und Wireless Bridge
«
Ubuntu 8.10 QT Creator 1.3.1 und die Dokumentation[gelöst]
|
Perc 5/i (MegaRaid SAS) + Debian lenny x86_64 = iowait > 100%
»
| Themen-Optionen | Thema durchsuchen |
| Ansicht | |
Linear-Darstellung
|
|
