
Internal Load Balancing

So I have 2 MariaDB servers set up in a master-master replication status.  I went into the load balancing section and added an LB rule for them.  From all indications everything looks correct.  The server shows both DB servers up and running.

I set it up like this

Service MySQL
Virtual an additional IP that I tied to the internal interface
My 2 DB Servers

The load balancing works great for my external facing services but this isn't the first problem I've had with internal load balancing.  I set up one for NTP with the same deal.  It works great for the external side of things but internally I cannot get it to work.

Thank you all in advance for your help with this.


  • You describe what you have, but not the problem.  [:D]  What does "I cannot get it to work" mean?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hey Bob,

    So my internal servers do not connect to the address.  It's almost like it's just not listening.
  • Interesting. What happens if you make a NAT rule like

    SNAT : Internal (Network) -> MySQL -> {servers} : from Internal (Address)


    Cheers - Bob
     
  • With the SNAT I can see in the FW logs where it tries to connect with no love.  It shows the entry but nothing else after that. Thank you for helping me troubleshoot this Bob.
  • Please show one or two blocks from the full Firewall log file (not the Live Log).

    Cheers - Bob
     
  • Hey Bob,

    Here is the one line from the FW log showing it


    2015:07:20-12:06:53 phoenix-1 ulogd[28282]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="62021" initf="eth0" srcmac="74:d0:2b:35:a4:eb" dstmac="00:0c:29:e8:f7:0d" srcip="192.168.1.213" dstip="192.168.1.129" proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="36070" dstport="3306" tcpflags="SYN"
  • What are .213 and .129?

    Cheers - Bob
     
  • 213 is my local PC and 129 is the FW interface
  • fwrule="62021" => Please click on [Go Advanced] below and attach a picture of NAT rule #21 open in Edit.

    Is .129 the IP of "Internal (Address)" or of an Additional Address?  Does tcpdump show any MySQL traffic going from .129 to either of your SQL servers?

    Cheers - Bob
     
  • Hey Bob,

    Please see the attached screenshot.  Yeah, it's just the internal address for now.  I did have it on the additional with no love there either.

    I haven't done a tcpdump yet on the MySQL hosts to see if they show anything but I'll do that as well.
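
The log reading used in the thread, as an added example that is not part of any post: a Python parser for the packetfilter line quoted above that splits the key="value" fields and decodes fwrule the way the reply does (62021 => NAT rule #21). The 62000 offset and its range check are assumptions generalised from that single case, and the sample is the line posted in the thread.

```python
import re
from datetime import datetime

# Log line as posted in the thread (source MAC written out in plain hex).
SAMPLE = ('2015:07:20-12:06:53 phoenix-1 ulogd[28282]: id="2000" severity="info" '
          'sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" '
          'fwrule="62021" initf="eth0" srcmac="74:d0:2b:35:a4:eb" '
          'dstmac="00:0c:29:e8:f7:0d" srcip="192.168.1.213" dstip="192.168.1.129" '
          'proto="6" length="60" tos="0x00" prec="0x00" ttl="64" srcport="36070" '
          'dstport="3306" tcpflags="SYN"')

HEADER = re.compile(r'^(\S+) (\S+) (\w+)\[(\d+)\]: (.*)$')
FIELD = re.compile(r'(\w+)="([^"]*)"')
PROTOS = {"1": "icmp", "6": "tcp", "17": "udp"}  # IP protocol numbers
NAT_BASE = 62000  # assumption: generalised from fwrule="62021" => NAT rule #21


def parse_line(line):
    """Split one firewall log line into a dict of fields plus decoded extras."""
    m = HEADER.match(line.strip())
    if not m:
        raise ValueError("not a ulogd packetfilter line")
    stamp, host, _daemon, _pid, rest = m.groups()
    rec = dict(FIELD.findall(rest))
    rec["time"] = datetime.strptime(stamp, "%Y:%m:%d-%H:%M:%S")
    rec["host"] = host
    rec["proto_name"] = PROTOS.get(rec.get("proto"), rec.get("proto"))
    rule = int(rec.get("fwrule", "0"))
    # Assumed range: only treat 62001..62999 as NAT rule references.
    rec["nat_rule"] = rule - NAT_BASE if NAT_BASE < rule < NAT_BASE + 1000 else None
    return rec


def bare_syns(lines, port):
    """Records that are SYN-only TCP packets to `port` (the 'entry but
    nothing after it' pattern described in the thread)."""
    recs = [parse_line(l) for l in lines if l.strip()]
    return [r for r in recs if r["proto_name"] == "tcp"
            and r.get("dstport") == str(port) and r.get("tcpflags") == "SYN"]


def summarize(rec):
    return "{} {}:{} -> {}:{} {} [{}] nat_rule={}".format(
        rec["proto_name"], rec["srcip"], rec["srcport"], rec["dstip"],
        rec["dstport"], rec.get("tcpflags", "-"), rec["action"], rec["nat_rule"])


if __name__ == "__main__":
    for r in bare_syns([SAMPLE], 3306):
        print(r["time"].isoformat(), summarize(r))
```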