Treatment of server-side RSTs

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Treatment of server-side RSTs
From:	Ian G Batten <I.G.Batten@xxxxxxxxxx>
Date:	Wed, 10 Sep 2003 14:07:31 +0100

I've just started trying to put my news server behind LVS.  This is so
that I can move it to a new machine without waiting for DNS propagation
times more than anything else.

My long-standing (last recompiled in 1996!) news server is now giving
unexpected socket closes when talking to trn, at least, and probably
other clients.

Closer examination reveals that INN times out idle connections after
30s, and sends an RST.  I confess to being out of my depth, tracing
through Salz and Wall code, but rather than closing the connection down,
trn appears to continue to send and get responses when talking direct to
a realserver.

elara is the client, ftel the server.

Here is the ACK for the last frame of the fetching of the active file:

  9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk ETHER Type=0800 (IP), size = 54 
bytes
  9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk IP  D=192.65.220.23 S=172.16.2.63 
LEN=40, ID=16233, TOS=0x0, TTL=64
  9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Ack=4126103406 
Seq=1823663889 Len=0 Win=49640
  9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk NNTP C port=37095 

Then I leave trn to sit, so this timeout packet arrives:

 31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 60 
bytes
 31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk IP  D=172.16.2.63 S=192.65.220.23 
LEN=40, ID=50483, TOS=0x0, TTL=254
 31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Rst Win=49640
 31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37095 

And then I finally ask trn to do something, and it happily does so:

 61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk ETHER Type=0800 (IP), size = 69 
bytes
 61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk IP  D=192.65.220.23 S=172.16.2.63 
LEN=55, ID=16234, TOS=0x0, TTL=64
 61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Push 
Ack=4126103406 Seq=1823663889 Len=15 Win=49640
 61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk NNTP C port=37095 GROUP 
uk.misc\r\n

 61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 85 
bytes
 61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk IP  D=172.16.2.63 S=192.65.220.23 
LEN=71, ID=26453, TOS=0x0, TTL=253
 61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Push 
Ack=1823663904 Seq=4126103406 Len=31 Win=8760
 61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37095 211 628 955968 
95659

But via LVS, initially things go the same, down to:

  7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk ETHER Type=0800 (IP), size = 
54 bytes
  7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk IP  D=192.65.220.53 
S=172.16.2.63 LEN=40, ID=45975, TOS=0x0, TTL=64
  7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 
Ack=4218680163 Seq=2002728032 Len=0 Win=49640
  7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk NNTP C port=37098 

and ipvsadm --list -c reports:

TCP 14:57  ESTABLISHED 172.16.2.63:37098  192.65.220.53:119  192.65.220.23:119

but then I get this:

 29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 
60 bytes
 29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk IP  D=172.16.2.63 
S=192.65.220.53 LEN=40, ID=53824, TOS=0x0, TTL=254
 29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst 
Win=49640
 29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37098 

and ipvsadm reports:

TCP 00:02  CLOSE       172.16.2.63:37098  192.65.220.53:119  192.65.220.23:119

and unsurprisingly, when I shortly afterwards hit return I get:

 91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk ETHER Type=0800 (IP), size = 
78 bytes
 91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk IP  D=192.65.220.53 
S=172.16.2.63 LEN=64, ID=45976, TOS=0x0, TTL=64
 91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 Push 
Ack=4218680163 Seq=2002728032 Len=24 Win=49640
 91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk NNTP C port=37098 GROUP 
uk.politics.mi

 91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 
60 bytes
 91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk IP  D=172.16.2.63 
S=192.65.220.53 LEN=40, ID=0, TOS=0x0, TTL=62
 91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst 
Seq=4218680163 Len=0 Win=0
 91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37098 


Does anyone have any ideas?  It looks like my plans to use LVS in front
of an NNTP cluster are scuppered.

ian

<Prev in Thread]	Current Thread	[Next in Thread>
Treatment of server-side RSTs, Ian G Batten <= Re: Treatment of server-side RSTs, Ian G Batten

Previous by Date:	DNS alias, Kettler, Holger
Next by Date:	Re: DNS alias, Bjoern Metzdorf
Previous by Thread:	DNS alias, Kettler, Holger
Next by Thread:	Re: Treatment of server-side RSTs, Ian G Batten
Indexes:	[Date] [Thread] [Top] [All Lists]