|
Hi
No luck...
I've been running production for the entire of today on a kernel with
SMP disabled. /proc/cpuinfo only shows a single XEON cpu. I still get
that say for 2 minutes every 30 minutes that all packets are dropped to
iptables.
If there's any more info that would help, don't hesitate to ask.
Kind regards
Johan van den Berg
Johan van den Berg wrote:
Hi
I know that most of you already know about this problem that I have,
and will therefore only give a brief description:
An incoming connection gets successfully added to the connection
table, and ip_vs nats the packet to the correct real server. Every now
and again though, the response from the real server, upon lookup, does
not find the correct vip in the connection table, and ip_vs passes the
packet to iptables.
Someone earlier mentioned that the lookup might fail because of a race
condition within the kernel. Could this be because of
SMP/Hyperthreaded CPU's? Should I even try compiling my kernel for no
SMP support to see if it helps?
I have a Intel XEON 2 processor HT box, now running RH8, and a vanilla
2.4.28 with the ipvs-nfct-2.4.27-3 patch applied (I was hoping to see
the failed lookup not causing problems because iptables would also
find the entry in its own lookup table, but I obviously misunderstood
the implications of nfct, as the problem still persists).
Johan van den Berg
---------------------------------------------------------------------------
This message (and attachments) is subject to restrictions and a
disclaimer. Please refer to http://www.unisa.ac.za/disclaimer for
full details.
---------------------------------------------------------------------------
<<<<gwavasig>>>>
<<<< gwavasig >>>>
------------------------------------------------------------------------
|
