LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] ipvsadm and packets leaving a gre tunnel

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] ipvsadm and packets leaving a gre tunnel
Cc: Horms <horms@xxxxxxxxxxxx>
From: Joseph Mack NA3T <jmack@xxxxxxxx>
Date: Tue, 22 Jul 2008 08:25:50 -0700 (PDT)
On Tue, 22 Jul 2008, Marco Lorig wrote:

Both "directors" are connected via GRE. The first director starts routing to the second one through the tunnel as soon as the realservers behind it aren´t available anymore. So it "turns off" the ipvsadm and switches itself to a routing instance.

neat.

How do the clients know which datacenter to route to?

The second director, which also serves clients and servers at its location by ipvsadm, starts another ipvsadm instance on the GRE interface and is receiving routed packets from the first director through GRE tunnel.

I see.

can you set mss on this interface?

ip_vs() does all sorts of things to the interface. I don't expect anyone has tried LVS on a gre interface.

client->director1->gre-tunnel->director2->realserver?

I assume you have two directors in some standard failover
setup and only one is directing when your LVS is up?

It isn´t a typical failover scenario. On each location are two machines (master/slave). The failover I´m talking about is switching between datacenters.

got it.

If the realservers after director1 at location 1 aren´t available anymore, the director1 starts normal routing operation through tunnel to the other director2 at location 2, which handles it´s own ipvsadm instances, clients and realservers. The director2 now serves client from location 1 with servers at location 2 through GRE Tunnel.

the copy has nothing to do with LVS? ie you can do the copy
when there is nothing in the ipvsadm table in the 2nd
(inactive) director, but as soon as you put entries into
ipvsadm on the backup director, the gre tunnel breaks?

Making a connection from client n, location 1, to an address on director 1, the director1 routes the packets through the tunnel to location 2. Without running ipvsadm on director 2, location2, the connection establishes correctly and the a 600Kb file transfer works fine.

Starting ipvsadm on the gre interface of director2, location2, makes the file transfer hang due to mtu issues, I presume.


Horms:

any ideas? This worked with a 2.4.x kernel on the directors and broke when he moved to 2.6.x.



(Any code fixes aren't likely to arrive in time to help here.) What if you use two nics, one for the gre tunnel with mss set and one for ipvsadm?


All instances on ipvsadm breaks the tunnel except if a client connects before to the realserver directly as is explained in the "update" email, I sent previously.

I didn't get this. You have a route from the client to director1, through the gre tunnel, to director2 (with no ipvsadm rules) to the realserver? (the realserver has a public IP?)

Joe

--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!




<Prev in Thread] Current Thread [Next in Thread>