Re: [lvs-users] localnode question

To: Julian Anastasov <ja@xxxxxx>, Simon Horman <horms@xxxxxxxxxxxx>
Subject: Re: [lvs-users] localnode question
Cc: " users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Dean Scothern <dean.scothern@xxxxxxxxxxxxxx>
Date: Thu, 8 Dec 2011 08:45:53 +0000

I'm a little confused when you talk about 'the patch'

Is this the section that is relevant:

I'm trying to get the behaviour working on a rhel/centos 6 kernel which is 
based on 2.6.32.

To my unpractised eye the differences between ipvs on vanilla and do not seem too great. It seems involved on adding SCTP support.
I'm hoping (probably futile) that I might be able to use the files in the url 
above with little or no alteration.
Is that a vain hope?

Also to clarify, the new behaviour is that for ipvs nat to an IP on the node, 
the application needs to listen on the RIP and not the VIP?

Many Thanks

>       What is changed with this patch from 2010-OCT-17 is that LOCALNODE
>mode (whether RIP is local IP or not) is determined for every packet, not
>when real server is updated.
>It helps to survive master-backup role change without modifying the real
>servers and avoids packet loops on the LVS box as found here:
>       It also allows Masq mode to use local RIP:RPORT
>       Now the rules are almost same:
>- DR (Route) means: do not change packets, just route to RIP.
>       While RIP is local IP use LOCALNODE mode.
>- NAT (Masq) means: change packets, route to RIP. If RIP is
>       local IP it looks like LOCALNODE but NAT happens.
>       Before this patch LOCALNODE worked by not
>       modifying packets - local servers must listen on VIP.
>- TUN means: do not change packets, just tunnel them to RIP
>       by prepending IPIP header if RIP is remote IP or work
>       as LOCALNODE mode if RIP is local.
>       So, LOCALNODE is not a forced mode but overrides the actual mode
>while RIP is local IP.
>       If Masq mode is used, the box where this RIP is configured must listen
>on RIP.
>       If Route/Tun mode is used, the box where this RIP is configured must
>listen on VIP to accept the traffic.
>       I also want to note that I remember for possible Netfilter conntrack
>collisions if NAT was used in master-slave setup and when roles are changed.
>But I may be wrong about this. There should be no problems if conntrack is
>not used.
>       So, now, even for boxes that change roles and use NAT, the
>applications must listen on RIP, not on VIP.
>Julian Anastasov <ja@xxxxxx>
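
An added example (not part of the original thread and not IPVS project code): a check that applies the listen rules quoted above to `ipvsadm -Ln` output and reports local real servers that have no listener on the address the forwarding mode requires. The sample output, addresses, listener set and function names are constructed for illustration; only IPv4 services are parsed.

```python
import re

# Constructed sample of `ipvsadm -Ln` output (not taken from the thread).
SAMPLE_IPVSADM = """\
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 rr
  -> 10.0.0.1:8080                Masq    1      0          0
  -> 10.0.0.2:8080                Masq    1      0          0
TCP  10.0.0.100:443 wlc
  -> 10.0.0.1:443                 Route   1      0          0
"""
LOCAL_IPS = {"10.0.0.1", "10.0.0.100"}               # constructed: addresses on this box
LISTENERS = {("10.0.0.100", 80), ("0.0.0.0", 443)}   # constructed: bound TCP sockets

SERVICE = re.compile(r"^(TCP|UDP|SCTP)\s+(\S+):(\d+)\s")
REAL = re.compile(r"^\s+->\s+(\S+):(\d+)\s+(Masq|Route|Tunnel|Local)\s")

def required_listeners(ipvsadm_text, local_ips):
    """Return (proto, addr, port, mode) endpoints a local application must accept on."""
    required, svc = [], None
    for line in ipvsadm_text.splitlines():
        real = REAL.match(line)
        if real is None:
            svc = SERVICE.match(line)  # headers and fwmark services leave svc as None
            continue
        rip, rport, mode = real.group(1), int(real.group(2)), real.group(3)
        if svc is None or rip not in local_ips:
            continue  # remote RIP: LOCALNODE does not apply
        proto, vip, vport = svc.group(1), svc.group(2), int(svc.group(3))
        if mode == "Masq":
            required.append((proto, rip, rport, mode))  # NAT happens: listen on RIP:RPORT
        else:
            required.append((proto, vip, vport, mode))  # packet unchanged: listen on VIP
    return required

def missing_listeners(required, listeners):
    """Return required endpoints with no socket bound to that address or to the wildcard."""
    return [r for r in required
            if (r[1], r[2]) not in listeners and ("0.0.0.0", r[2]) not in listeners]

if __name__ == "__main__":
    req = required_listeners(SAMPLE_IPVSADM, LOCAL_IPS)
    for proto, addr, port, mode in missing_listeners(req, LISTENERS):
        print(f"{mode}: nothing listening on {proto} {addr}:{port}")
```

In the constructed sample the application is still bound to VIP:80, as the pre-patch LOCALNODE behaviour required, so the Masq entry for the local RIP is reported as having no listener.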
