双机浮动地址和防火墙通信问题!(内详)
两台服务器A、B机安装的suse linux操作系统。每台服务器两张网卡。
A:eth0 192.80.10.160 eth1 192.80.20.160 两张网卡做主备它们绑定的ip地址为:192.80.100.163
B:eth0 192.80.10.161 eth1 192.80.20.161 两张网卡做主备它们绑定的ip地址为:192.80.100.164
这两台服务器做双机用HA软件浮动出ip地址:192.80.100.165
我通过防火墙ping 192.80.100.165、192.80.100.163、192.80.100.164都ping不通。 但是通过内网的其它服务器C 192.80.100.160都能ping通以上这三个地址。服务器C 192.80.100.160也能ping通防火墙的内部地址:192.80.100.100
请问为什么防火墙不能ping通192.80.100.165???????????????
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
没人回答吗?自己顶一下!
check the policy of your firewall first....
A:
# ifconfig
# route -n
B:
# ifconfig
# route -n
顺便画出拓扑图,包括能 ping 通的那台和不能 ping 通的那台的网络连接
A机的:
0:69:75
linux1:~ # ifconfig -a
bond0 Link encap:Ethernet HWaddr 00:12:79
inet addr:192.80.100.163 Bcast:192.80.100.255 Mask:255.255.255.0
inet6 addr: fe80::212:79ff:fed0:6975/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:84070 errors:0 dropped:0 overruns:0 frame:0
TX packets:25801 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11826764 (11.2 Mb) TX bytes:3940334 (3.7 Mb)
bond0:0 Link encap:Ethernet HWaddr 00:12:79
0:69:75
inet addr:192.80.100.165 Bcast:192.80.100.100 Mask:255.255.255.0
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
eth0 Link encap:Ethernet HWaddr 00:12:79
0:69:75
inet addr:192.80.100.163 Bcast:192.80.100.255 Mask:255.255.255.0
inet6 addr: fe80::212:79ff:fed0:6975/64 Scope:Link
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:31153 errors:0 dropped:0 overruns:0 frame:0
TX packets:25798 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4972318 (4.7 Mb) TX bytes:3940112 (3.7 Mb)
Interrupt:25 Memory:fdcf0000-fdd00000
eth1 Link encap:Ethernet HWaddr 00:12:79
0:69:75
inet addr:192.80.100.163 Bcast:192.80.100.255 Mask:255.255.255.0
inet6 addr: fe80::212:79ff:fed0:6975/64 Scope:Link
UP BROADCAST RUNNING NOARP SLAVE MULTICAST MTU:1500 Metric:1
RX packets:52917 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:6854446 (6.5 Mb) TX bytes:222 (222.0 b)
Interrupt:26 Memory:fdce0000-fdcf0000
eth2 Link encap:Ethernet HWaddr 00:11:85:04
8:CF
inet addr:192.80.30.160 Bcast:192.80.30.255 Mask:255.255.255.0
inet6 addr: fe80::211:85ff:fe04:d8cf/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81530 errors:0 dropped:0 overruns:0 frame:0
TX packets:81537 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:7617364 (7.2 Mb) TX bytes:7617885 (7.2 Mb)
Interrupt:74 Memory:fdef0000-fdf00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2485 errors:0 dropped:0 overruns:0 frame:0
TX packets:2485 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:249335 (243.4 Kb) TX bytes:249335 (243.4 Kb)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
linux1:~ # netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.100.163 0.0.0.0 255.255.255.255 UH 0 0 0 bond0
192.80.100.165 0.0.0.0 255.255.255.255 UH 0 0 0 bond0
192.80.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.80.100.0 0.0.0.0 255.255.255.0 U 0 0 0 bond0
192.80.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.80.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 192.80.100.100 0.0.0.0 UG 0 0 0 bond0
linux1:~ #
B机的和上面一样,只是把里面所有的163改为164
防火墙现在是不能ping通浮动地址和浮动地址指向的服务器的ip地址。
比如:如果浮动地址在A机上,那么防火墙ping不通A机的本身的地址,也ping不通浮动地址。 但是能ping通B机的地址。
oh,I see.The HA is failed........
如果ha有问题,我在上面做的服务都好好的,也能顺利切换,而且用其它服务期器ping也是正常的,为什么就防火墙上面不行呢?
怎么没人回答阿