Persistence through a firewall

To:	<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Persistence through a firewall
From:	"Brett Simpson" <Simpsonb@xxxxxxxxxxxxxxxxxxxxxx>
Date:	Wed, 11 Aug 2004 10:28:15 -0400

I have an LVS director that uses wrr with 3600 of persistence for two real 
servers. I noticed that connections going through a firewall from my internal 
network tend to get locked into one of my real servers but usually doesn't go 
to the other real server unless all of the connections have expired to the 
first real server.

>From what I understood with LVS is it's support to use the source IP for 
>persistence but I wasn't sure if it also used a source port. 

Would using a different scheduler or a kernel upgrade (with a new lvs version) 
work around this?

I'm using ipvsadm v1.21 2002/11/12 (compiled with popt and IPVS v1.0.9).
Thanks,
Brett

<Prev in Thread]	Current Thread	[Next in Thread>
Persistence through a firewall, Brett Simpson <= Re: Persistence through a firewall, Roberto Nibali Re: Persistence through a firewall, Horms Re: Persistence through a firewall, Brett Simpson

Previous by Date:	Re: timeout in fedora c2, Yunfeng Hou
Next by Date:	roadmap of lvs and my wish list, Yunfeng Hou
Previous by Thread:	What is the purpose of setting metric to 254 in DR mode?, lstep
Next by Thread:	Re: Persistence through a firewall, Roberto Nibali
Indexes:	[Date] [Thread] [Top] [All Lists]