Keepalived Virtual IP is not the Source IP Address

Discussion in 'Server Operation' started by neofire, Feb 29, 2016.

  1. neofire

    neofire Member

    Hey All
    Having a wired issue here
    I am using keepalived between two load balancers with a virtual ip address between them.
    Example below

    LB1 10.1.1.100
    LB2 10.1.1.200
    VIRTUAL 10.1.1.250

    Now i can see the virtual IP address and access it, but when the load balancer passes traffic to the web server UFW blocks the traffic, but its blocking the IP of the physical LB not the virtual IP

    is there a way to make sure that the Keepalived address is the source address, i have had this working before i dont really understand what could have changed
     
  2. wandersick

    wandersick New Member

    (Supposed keepalived is in use with nginx)

    In order to use VIP as the outgoing IP address for your backend servers, try adding the below line to the nginx config (/etc/nginx/nginx.conf) on both of your nginx servers:
    proxy_bind 10.1.1.250;
    (where 10.1.1.250 is your VIP.)

    After saving the config files, restart nginx service (service nginx restart) on both servers to take effect.

    Hope this helps.
     
    Last edited: Apr 6, 2016

Share This Page