|
Hi guys,
Let me try to help you a little bit
I am not currently using LVS, but i am planning to try it in the near
future.
When i read the doc i didnt find the answer about how ICMP packet are
redirected from VIP to Real Severs.
When asked about how this problem is handled i received the answer that this
packets are just ignored.
If i am wrong just fix me.
What kind of problems this can cause?
Assume that we have TCP connections...and real server is trying to respond
to client, but it cannot reach it.
The client is down, the route to him doesnt exist anymore, the intermadiate
gateway is congested or such kind of shits. In these cases your VIP will
receive
ICMP packets /dest unreachable, source quench and friends/ if you dont route
this packets to the real server /but the correct one/ you will affect
performance of the LVS. For example TCP will continue to re/send packets to
the client because they are not confirmed, and gateways will continue to
send you ICMP packets back /to VIP/ for every packets they droped. Of course
TCP stack will drop these kind of connection after his timeouts expired, but
if redirector send him these ICMP packets, this will occur a little bit
earlier, and will avoid overloading the redirector with ICMP stuff.
When you receive a ICMP packet it contains the full IP header of the packet
that cause this ICMP to be generated + 64bytes of its data, so you can
assume that you have the TCP/UDP header too. So it is possible to implements
"Persitance rules" for ICMP packages.
I hope this will help you.
Thanks
Jiko
|
