Re: [lvs-users] FTP persistence template synced between director nodes?

To: Phillip Moore <pdm@xxxxxxxxx>
Subject: Re: [lvs-users] FTP persistence template synced between director nodes?
Cc: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sun, 3 Feb 2019 21:30:12 +0200 (EET)

On Fri, 1 Feb 2019, Phillip Moore wrote:

> We are having some issues where when using a catch-all persistence VIP for
> an FTP service and not any of the ftp ip_vs kernel modules. Sometimes when
> a client sends the request to the data port it lands on the wrong backend
> FTP server instead of the original control sessions backend.  We have
> multiple director nodes in an active/active setup using anycast/BGP to get
> traffic to the nodes. So it is possible and even likely that the second
> connection to the data port would land on a different director node than
> the control session.  We do have session syncing working between these
> nodes.
> Is the persistence template state synced between nodes?  Or, does each node
> create its own persistence template and could hash to a different backend
> than the other nodes?  We are using WRR right now for the lb algorithm.

        The templates are synced but when it happens depends on the sysctl
vars. What is your configuration?

grep . /proc/sys/net/ipv4/vs/sync_*

        With default settings, the templates are synced too often which
can lead to lost sync messages.

> We are running on Centos 7.6 kernel 3.10.0-957
> Example of our configuration:
> -A -t vip:0 -s wrr -p 600
> -a -t vip:0 -r realip_1:0 -i -w 1
> -a -t vip:0 -r realip_2:0 -i -w 1
> -a -t vip:0 -r realip_3:0 -i -w 1
> -a -t vip:0 -r realip_4:0 -i -w 1


Julian Anastasov <ja@xxxxxx>

Please read the documentation before posting - it's available at: mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>