LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

ldirectord problem assigning multiple External IPs to duplicate internal

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: ldirectord problem assigning multiple External IPs to duplicate internal RIPs
From: Todd Lyons <tlyons@xxxxxxxxxx>
Date: Thu, 13 Jan 2005 19:47:59 -0800
Imagine the following scenario.  The IP addresses are made up.  All
ports concerned are port 80.

External IPs  4.1.2.41, 4.1.2.151, 4.1.2.153, and 4.1.2.154.
Internal RIPs 10.1.1.160, 10.1.1.161

VIPs for all 4 external IPs are defined on the two internal boxes as
lo:0, lo:1, lo:2, lo:3.

In ldirectord.cf:
virtual = 4.1.2.41:http
        real = 10.1.1.160->10.1.1.161:http gate 100
        checktype = negotiate
        scheduler = wrr

virtual = 4.1.2.151:http
        real = 10.1.1.160->10.1.1.161:http gate 100
        checktype = negotiate
        scheduler = wrr

virtual = 4.1.2.153:http
        real = 10.1.1.160->10.1.1.161:http gate 100
        checktype = negotiate
        scheduler = wrr

virtual = 4.1.2.154:http
        real = 10.1.1.160->10.1.1.161:http gate 100
        checktype = negotiate
        scheduler = wrr

If I configure heartbeat/ldirectord to only bring up the first VIP 
(4.1.2.41), it comes up properly:
TCP  rproxy1.domain.com:www wrr
  -> rproxy1b.domain.net:www      Route   100    43         2749
  -> rproxy1a.domain.net:www      Route   100    33         2801

If I configure heartbeat/ldirectord to bring up all four VIPs, it only
brings up the first one:
TCP  rproxy1.domain.com:www wrr
  -> rproxy1b.domain.net:www      Route   100    45         2817
  -> rproxy1a.domain.net:www      Route   100    36         2844
TCP  deimos.domain.com:www wrr
TCP  oberon.domain.com:www wrr
TCP  cordelia.domain.com:www wrr

This seems to be a limitation of ldirectord because I can add the RIPs
into the VIP definitions with the ipvsadm commands manually.  Heartbeat
does bring up all VIPs properly.  So without having looked at the code
yet, I have a couple of questions:
1) Is this in fact ldirectord refusing to assign the same RIP:port
combination to multiple VIPs?  I specifically say RIP:port because I am
successfully bringing up multiple VIPs that go to the same RIPs but on
different ports (imap and pop).
2) Is there a reason why this is prohibited?  Or is it simply an
application that everybody says "only an idiot would do something like
that?" :-)

In our case, all traffic coming in on .41 is because our DNS is
configured for that.  Any old customers doing their own DNS that have
old IP assignments may still be using .151 or .153 or .154.  So we are
unable to effect a change from their end, and we need to continue the
load balancing for each VIP to the same two RIPs.  Note that it could be
any number of RIPs in the practical case.

Any comments and further questions are welcome.  I also will make myself
available in the #linux-ha channel on freenode (nick cannonball) from
9:30 AM - 6:00 PM PST (GMT-0800) if anybody has any fantastic
suggestions.
-- 
Regards...              Todd
  We should not be building surveillance technology into standards.
  Law enforcement was not supposed to be easy.  Where it is easy, 
  it's called a police state.             -- Jeff Schiller on NANOG
Linux kernel 2.6.8.1-12mdkenterprise   2 users,  load average: 0.04, 0.08, 0.08

<Prev in Thread] Current Thread [Next in Thread>