LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] lvs works behind a hareware firewall through public netw

from [Vincent Li] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] lvs works behind a hareware firewall through public network
From: Vincent Li <vincent.mc.li@xxxxxxxxx>
Date: Mon, 4 Nov 2013 15:49:48 -0800 
do you have any sort of persistence configuration in LVS?  it is
unlikely caused by LVS if you have no persistence in LVS. what does
ipvsadm -L -n look like ? how do you count the access log? counting
for HTTP request on same tcp connection (http cookie maybe involved
and not really imbalance of LVS) or different tcp connection to
server? do you have tcpdump shows imbalanced connection to server?

Vincent



On Thu, Oct 24, 2013 at 3:58 AM, 孙楠松 <sunnansong@xxxxxxxxxxxxxxx> wrote:
> Hi there !
>
>
>
>          I have an emergency problem now , and I join this mail list expect
> some help , thanks all of you !
>
>
>
>          The case scene:
>
>          user ---->  public IP( supplied by a hardware firewall)  ----->
> public IP(supplied by LVS : NAT,rr)  ---->  5 Real Servers(nginx、php-fpm)
> ----> Mysql
>
>          maybe you can see the hidden trouble , lvs only can see only one
> client(one prublic IP , the hardware firewall)
>
>
>
>          The trouble is:
>
>          Sometimes , the request is very unbalanced !
>
> lvs puts a lots of requests to 1 real server. And this poor、unlucky real
> server have to handle 3 times more then others!
>
> I count this from the nginx access.log
>
>          most of the times , lvs balances well!
>
>          I try to use LeastConn instead of RoundRobin, but doest effect.
>
>
>
>          (some one said the frewall and LVS should work in a LAN, why must I
> use this architecture? Because some more cold backup firewalls are in
> different IDC. to prevent DDOS and redundancy )
>
>
>
>          Any ideas ? Thanks very mych !
>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: [lvs-users] lvs works behind a hareware firewall through public network, Vincent Li <=
Next by Date:  [lvs-users] Is ldirectord the right choice for https through and through, Jacob Gibson
Next by Thread:  [lvs-users] Is ldirectord the right choice for https through and through, Jacob Gibson
Indexes:  [Date] [Thread] [Top] [All Lists]