|
On Wed, Jul 23, 2008 at 03:23:53PM +0200, Marco Lorig wrote:
>
> -------- Original-Nachricht --------
> > Datum: Wed, 23 Jul 2008 13:55:23 +1000
> > Von: Simon Horman <horms@xxxxxxxxxxxx>
>
> > What forwarding mechanism are you using on the second director,
> > and are any of its real-servers local (i.e. an address that
> > belongs to the second real server).
>
> ipvsadm-nat. There are no local ips on the director2 for realservers. All
> realservers are stand-alone machines in the same network as director2.
Ok, thanks.
What I am suspecting (which I suspect is what you are suspecting) is
that for some reason when packets are forwarded by LVS (-NAT) on
ldirector2 they don't trigger a needs-fragmentation icmp,
which should be sent from ldirector2 to the real server in question
and thus the pmtu isn't reduced according to the limitation of the gre
tunnel between ldirector2 and ldirector1.
As you suggest in your previous emails, the pmtu will be cached by
ldirector2, which explains why things work if you initialise a
connection without lvs active on ldirector2 and then one with
lvs active on ldirector2.
Incidently, I believe that the following will flush the route cache.
Which may be useful during testing.
echo 1 > /proc/sys/net/ipv4/route/flush
> > I only ask so that I can try and reproduce the problem.
>
> okay, maybe it helps if i send the config params for debian 4.0 of both
> directors: routing, tunneling and ipvsadm?
Yes, every little bit helps.
--
Horms
|
