Re: [lvs-users] LVS + Apache + Tomcat

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: [lvs-users] LVS + Apache + Tomcat
From:	Martijn Marsman <m.marsman@xxxxxxxxxxxxxxxx>
Date:	Wed, 22 Jul 2009 16:06:26 +0200

Yes, the ARP problem was my first thought.

But i checked it on the realservers (we did it with arptables)

Chain IN (policy ACCEPT)
DROP anywhere thesite.com anywhere anywhere 
DROP anywhere 192.168.3.61 anywhere anywhere
DROP anywhere 192.168.3.61 anywhere anywhere

Chain OUT (policy ACCEPT)
mangle anywhere thesite.com anywhere anywhere
mangle anywhere 192.168.3.61 anywhere anywhere
mangle anywhere 192.168.3.62 anywhere anywhere

followed by: --mangle-ip-s realserver1.thesite.com (for all 3)

This seems to be correct, also i changed the scheduling from Least
connections to Round robin. Every realserver gets his share now.

But, the problem still exist, sessions are suddenly cut-off and users
are beeing kicked to another realserver.

It does not look to me like an LVS problem... is there a check i can do
to rule out the ARP problem?
--
Thanks in advance

Martijn




On Wed, 2009-07-22 at 11:43 +0000, Graeme Fowler wrote:
> On Wed, 2009-07-22 at 10:29 +0200, Martijn Marsman wrote:
> > We have noticed that node 1 gets all the connections, after half an hour, 
> > node 1 goes idle and node 2 gets all the connections. User complain about 
> > beeing thrown out of their session on the site and go back to the frontpage.
> 
> This is a classic example of "the ARP problem".
> 
> This is an LVS-DR setup, isn't it? The realservers (nodes 1 and 2) are
> responding to ARP queries for the VIP, and the traffic is bypassing the
> director.
> 
> There are several ways to solve this but the best way is to use the
> appropriate sysctls as follows:
> 
> # LVS switches
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> 
> You may need to amend that depending on the interface you put the dummy
> VIP onto. That stops the realserver kernel replying to "ARP who-has"
> requests for the VIP.
> 
> Graeme
> 
> 
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> 
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> 


_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] LVS + Apache + Tomcat, Martijn Marsman Re: [lvs-users] LVS + Apache + Tomcat, Graeme Fowler Re: [lvs-users] LVS + Apache + Tomcat, Martijn Marsman <= Re: [lvs-users] LVS + Apache + Tomcat, Joseph Mack NA3T

Previous by Date:	Re: [lvs-users] Lvs for multi-site/subnet terminal services, L.S. Keijser
Next by Date:	Re: [lvs-users] LVS + Apache + Tomcat, Joseph Mack NA3T
Previous by Thread:	Re: [lvs-users] LVS + Apache + Tomcat, Graeme Fowler
Next by Thread:	Re: [lvs-users] LVS + Apache + Tomcat, Joseph Mack NA3T
Indexes:	[Date] [Thread] [Top] [All Lists]