
RE: [Q]Send certain packet to *ALL* real server

To: "'Wayne'" <wayne@xxxxxxxxxxxxxxx>, Gong Wei <ccegongw@xxxxxxxxxx>, "'Ted Pavlic'" <tpavlic@xxxxxxxxxxx>, Joseph Mack <mack@xxxxxxxxxxx>, Brian Edmonds <bedmonds@xxxxxxxxxxx>
Subject: RE: [Q]Send certain packet to *ALL* real server
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Gong Wei <ccegongw@xxxxxxxxxx>
Date: Sat, 29 Jul 2000 09:18:19 +0800
There are two types of traffic here: from switch to the management server,
and from client PC to the management server.  We only want the
"switch->server" to be multiplexed as the latter (PC->server) conversation
depends on info submitted in switch->server conversation.

Currently the switch->server traffic is UDP (SNMP trap in fact), however, I
am not sure whether the server will send back reply traffic to the switch
:-)

-----Original Message-----
From: Wayne [mailto:wayne@xxxxxxxxxxxxxxx]
Sent: Saturday, July 29, 2000 8:24 AM
To: Gong Wei; 'Ted Pavlic'; Joseph Mack; Brian Edmonds
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: RE: [Q]Send certain packet to *ALL* real server


At 08:09 AM 7/29/00 +0800, Gong Wei wrote:
>One of the practical applications in our environment is for network
>management purposes.  We have a group of management servers; however, for load
>sharing/HA purposes I would like to let all of them appear as a single IP.
>
>The way the overall system works is that whenever there is a link state
>change on the edge switch port (connect/disconnect a pc/notebook to the
>switch port, for instance), a trap will be sent to the management server,
>which contains important info like the location of the switch, MAC address
>of the client, etc.  This information will be used later to generate audit
>reports.
>
>Unfortunately currently there is no way to send certain packets to all real
>servers, so unless the subsequent packets from the *client* (not the switch)
>happened to reach the real server, or else ....

This is obviously against what LVS is trying to accomplish -- reduce
the load to each server.  You are looking for a load "multiplier" which
should be implemented in your application to sync their data, rather
than using LVS to do that.

>Obviously I could use persistence feature with 0.0.0.0 as the netmask, but
>this doesn't sound like a neat solution ...
>
>The "security/flooding" concern is something valid as not every system
>administrator knows what they are doing :-)
>
>This is just one particular instance whereby I found LVS doesn't fit into
>the picture nicely.  In other situations especially WWW/FTP, it works really
>nice!
>
>-----Original Message-----
>From: Ted Pavlic [mailto:tpavlic@xxxxxxxxxxx]
>Sent: Saturday, July 29, 2000 4:28 AM
>To: Joseph Mack; Brian Edmonds
>Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>Subject: Re: [Q]Send certain packet to *ALL* real server
>
>
> > I take it just having the DNS on the real-servers as secondaries to the
> > master machine independent of the LVS just doesn't fly?
> > I don't know how NOTIFY works. How does a primary machine NOTIFY
> > secondaries? From what I know from setting them up, the primaries don't
> > push, they respond to requests.
>
>The primary servers do send notifies to the authoritative secondary servers
>(i.e., all of the NS records in a domain).
>
>The notifies don't push information, they simply tell the secondaries that
>it is time to pull information for domain-X. They basically force the
>authoritative secondaries to do a zone transfer before their zone
>information has expired.
>
>It would be useful to be able to send one notify to all servers at one time
>thus causing all of them to go and pull all of their information
>immediately...
>
>BUT... I'm not quite sure how RFC it is to have DNS behind an LVS. Any
>thoughts on this?
>
>However -- I'm sure there are other uses for having the ability to send a
>packet to all real servers at once... I just can't think of any right now...
><?>
>
>Personally I don't know if it would be worth the hassle. And I think I'd be
>worried about security... that is -- I'd be worried that someone could flood
>all of my real servers at once. That wouldn't be cool.
>
>
>
>
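
One way to get the switch->server fan-out discussed in this thread outside LVS, while bounding the flooding risk raised in the quoted reply: a small UDP relay that copies trap datagrams to every management server. This is an added example, not code from the thread or from LVS; the networks, server addresses, rates and all function names are assumptions.

```python
import ipaddress
import socket
import time

# Constructed sample values (assumptions, not from the thread).
SWITCH_NETS = [ipaddress.ip_network("10.1.0.0/24")]   # edge switches allowed to send traps
REAL_SERVERS = [("192.0.2.11", 162), ("192.0.2.12", 162), ("192.0.2.13", 162)]


class TokenBucket:
    """Per-source rate limit so one sender cannot flood every real server."""

    def __init__(self, rate, burst, clock=time.monotonic):
        self.rate, self.burst, self.clock = rate, burst, clock
        self.state = {}  # src_ip -> (tokens, last_seen)

    def allow(self, src_ip):
        now = self.clock()
        tokens, last = self.state.get(src_ip, (self.burst, now))
        tokens = min(self.burst, tokens + (now - last) * self.rate)
        if tokens < 1:
            self.state[src_ip] = (tokens, now)
            return False
        self.state[src_ip] = (tokens - 1, now)
        return True


def fan_out(datagram, src_ip, send, bucket, nets=SWITCH_NETS, servers=REAL_SERVERS):
    """Copy one trap datagram to every real server; return copies sent."""
    addr = ipaddress.ip_address(src_ip)
    if not any(addr in net for net in nets):
        return 0          # not a known switch: PC->server traffic is not multiplied
    if not bucket.allow(src_ip):
        return 0          # over the per-switch budget: drop instead of amplifying
    for server in servers:
        send(datagram, server)
    return len(servers)


def serve(bind=("0.0.0.0", 162)):
    """Relay loop: receive traps on the shared address and replicate them."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(bind)
    bucket = TokenBucket(rate=5, burst=20)
    while True:
        data, (src_ip, _port) = sock.recvfrom(65535)
        fan_out(data, src_ip, sock.sendto, bucket)
```

UDP source addresses can be spoofed, so the allowlist is only meaningful when anti-spoofing filtering sits in front of the relay. The real servers see the relay's address as the sender of each copy.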


