Re: [lvs-users] ipvsadm and packets leaving a gre tunnel

To: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] ipvsadm and packets leaving a gre tunnel
From: "Marco Lorig" <MLORIG@xxxxxxx>
Date: Wed, 30 Jul 2008 15:45:09 +0200
-------- Original-Nachricht --------
> Von: Joseph Mack NA3T <jmack@xxxxxxxx>
> are there any assymetries involved? Like a "get" needs to 
> open a connection (identd?) that "put" doesn't (I can't 
> imagine it, but something assymetric seems to be going on). 
> I don't expect there's any assymetry in the scp tcp 
> connection itself (it's just a single port connection, and 
> tcp won't know whether there's a get or a put going on 
> underneath).

Only scp/ssh TCP/22 as i can see by tcpdump.
> I think you're using LVS-NAT, so you have the same route for 
> packets in both directions. Do you have any iptables rules 
> that might affect what's going on? (even so they're at the 
> tcp level and will affect a get and put the same).

iptables is turned of at the moment.

> And the problem is gre tunnel dependant? ie it works 
> fine if you have two directors connected by a regular 
> non-gre path.

I'm going to test it now.

> Can you do try an alternate protocol to see if it's 
> something in scp? I hate to suggest ftp, since it's 
> problematic with LVS (it works OK if you set it up properly 
> - see the HOWTO - but it's easy to not set it up properly), 
> but I can't think of another protocol that's not based on 
> the sxxx protocol.

Using ldap causes the same problem. But I didn't test a ldap "put" to the 
server, only a get fails (like scp).



<Prev in Thread] Current Thread [Next in Thread>