Keepalived problem with load balancing

I have set up keepalived for load balancing. It works for redundancy but

does not work when trying to load balance.

I am using mnultiple servers and have exact same configurations on both

servers. debian 64 bit squeeze.

keepaliv conf:

# Configuration File for Keepalived

# Global Configuration
global_defs {
   notification_email {
     sharif@xxxxxxxx
   }
   notification_email_from keepalived@xxxxxxxx
   smtp_server smtp.xxxx.lan
   smtp_connect_timeout 30
   router_id DEBIAN2        # string identifying the machine
}

# describe virtual service ip
vrrp_instance VI_1 {
   # initial state
   state BACKUP
   interface eth0
   # arbitary unique number 0..255
   # used to differentiate multiple instances of vrrpd
   virtual_router_id 1
   # for electing MASTER, highest priority wins.
   # to be MASTER, make 50 more than other machines.
   priority 60
   authentication {
     auth_type PASS
     auth_pass xxx
   }

   virtual_ipaddress {
     192.168.0.199/32
   }

   smtp_alert
}

# describe virtual web server
virtual_server 192.168.0.199 8080 {
#  delay_loop 5

   # lc = least connected
   lb_algo rr

   # DR = Dynamic routing (best)
   lb_kind NAT

#  persistence_timeout 50
   protocol TCP

   real_server 192.168.0.212 80 {
     TCP_CHECK {
       connect_timeout 1
#      nb_get_retry 2
#      delay_before_retry 60
     }
   }
   real_server 192.168.0.213 80 {
     TCP_CHECK {
       connect_timeout 1
#      nb_get_retry 2
#      delay_before_retry 60
     }
   }
}

The servers are debain2 and debain3.

Now if debian3 is master i can netcat into port 8080 to debian2 but it

won't work for debian3 locally using rr algorithm. same would happen if

debian2 was master and debian3 backup. however i can ping the VIP from

any local pc.

rootdebian3:/etc/keepalived# ipvsadm -l -n --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes 
OutBytes
   -> RemoteAddress:Port
TCP  192.168.0.199:8080                  8       21       10     
1205      572
   -> 192.168.0.212:80                    4       17       10      
965      572
   -> 192.168.0.213:80                    4        4        0      
240        0

In the above debian3 is master and debian 2 is backup. nothing is sent

back when it tries itself

rootdebian3:/etc/keepalived# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.199:8080 rr
   -> 192.168.0.212:80             Masq    1      0          0
   -> 192.168.0.213:80             Local   1      0          0

2: eth0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc pfifo_fast 
state UP qlen 1000
     link/ether 00:17:31:8f:74:1c brd ff:ff:ff:ff:ff:ff
     inet 192.168.0.213/24 brd 192.168.0.255 scope global eth0
     inet 192.168.0.199/32 scope global eth0
     inet6 fe80::217:31ff:fe8f:741c/64 scope link
        valid_lft forever preferred_lft forever</broadcast,multicast,up,lower_up> 

I have the following in ''/etc/sysctl.conf''

net.ipv4.ip_forward = 1

net.ipv4.ipnonlocalbind = 1

net.ipv4.conf.default.arp_ignore = 1

net.ipv4.conf.default.arp_announce = 2

net.ipv4.conf.default.rp_filter = 0

I have manually tried to add NAT rule onto backup using ''iptables -A

PREROUTING -t nat -d 192.168.0.199 -p tcp -j REDIRECT'' but that doesn't

work. I have also tried to change ''lb_kind'' to ''DR'' but that doesn't

work. I have read many how to guides and have followed exactly same

procedures and none seem to work.

I have loaded modules using modprobe

From my understanding keepalived can be used to load balance and have for failover without the use of HA proxy