Re: [lvs-users] ldirectord question

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject:	Re: [lvs-users] ldirectord question
From:	Anders Henke <anders.henke@xxxxxxxx>
Date:	Mon, 23 Jun 2014 12:37:13 +0200

By using connection synchronization (ipvsadm --start-daemon), you can do the 
very same for a loadbalancer like what firewalls do for moving TCP states 
between failover pairs: your "active" loadbalancer does periodically send a 
list of currently known connections to your backup loadbalancer, who in order 
creates corresponding state entries.

If the primary loadbalancer fails and your backup loadbalancer kicks in, it's 
aware of almost all states known at the failed loadbalancer. The backup 
loadbalancer may continue where the broken loadbalancer did leave off.

However, this doesn't help with your original question: if the actual endpoint 
of your tcp connection dies (your realserver), there's nothing else then trying 
to re-establish a new connection.




Best,
Anders


On 20.06.2014, Ilo Lorusso wrote:
> Thanks for the feedback,
> 
> Once we have scheduled new connections to the new real server and we have 
> this existing connection  using quiescence ,
> 
> Why can't we move that existing connection to another real server ?
> 
> I know firewalls can move existing connections and TCP states between 
> failover pairs 
> 
> -----Original Message-----
> From: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx 
> [mailto:lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Simon Horman
> Sent: Friday, June 20, 2014 3:07 AM
> To: Aaron West
> Cc: LinuxVirtualServer.org users mailing list.
> Subject: Re: [lvs-users] ldirectord question
> 
> Hi,
> 
> On Thu, Jun 19, 2014 at 06:20:02PM +0100, Aaron West wrote:
> > Hi Ilo,
> > 
> > To my knowledge a real server failing a health check done by an agent 
> > such as ldirectord/keepalived is pulled from the LVS table.
> > 
> > This will break any established connections to this server. A new 
> > connection should then start on a remaining live server on the next 
> > click/refresh for something like a web application or next connection 
> > retry for something else.
> 
> It is possible, though not necessarily desirable, to avoid breaking existing 
> connections by using quiescence. On the LVS side this is implemented by 
> setting a server weight to zero, which allows existing connections to 
> continue but prevents new connections from being "scheduled".
> 
> This is exposed in ldirectord as a quiescence setting by which it sets the 
> weight of a real-server to zero rather than removing it in the case where its 
> health check fails.
> 
> I am not familiar with keepalived but I suspect it has a similar feature.
> 
> > How this affects your app/users depends on your application design, 
> > mostly HTTP sessions would be fine while things like RDP/SSH/HTTPS 
> > would require you to reconnect/re-authenticate.
> > 
> > Regards
> > 
> > Aaron West
> > 
> > 
> > On 19 June 2014 16:42, Ilo Lorusso <IloL@xxxxxxxxxxxxxxxxxx> wrote:
> > 
> > > Hi ,
> > >
> > >
> > > I have a general question of how ldirectord works, I have setup my 
> > > virtual service and real servers
> > >
> > > I have an active connection and traffic is flowing through to the 
> > > real server perfectly as shown below
> > >
> > >
> > > I want to know is it possible to move an established connection 
> > > between the real servers without resetting or reestablishing the TCP 
> > > connection ?
> > >
> > > [root@lbmaster ~]# ipvsadm -Ln
> > > IP Virtual Server version 1.2.1 (size=32768) Prot LocalAddress:Port 
> > > Scheduler Flags
> > >   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
> > > TCP  172.16.162.190:40054 wlc persistent 300
> > >   -> 172.16.162.199:40054         Masq    100    1          0
> > >   -> 172.16.162.200:40054         Masq    99     0          0
> > >
> > > BankservAfrica is a BBBEE level 4 procurement contributor
> > >
> > > This e-mail and its attachments, if any, are subject to 
> > > BankservAfrica's e-mail disclaimer which is available on 
> > > http://www.bankservafrica.com/Contactus/EmailDisclaimer.aspx
> > >
> > > Please consider the environment before printing this e-mail!
> > > _______________________________________________
> > > Please read the documentation before posting - it's available at:
> > > http://www.linuxvirtualserver.org/
> > >
> > > LinuxVirtualServer.org mailing list - 
> > > lvs-users@xxxxxxxxxxxxxxxxxxxxxx Send requests to 
> > > lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> > >
> > _______________________________________________
> > Please read the documentation before posting - it's available at:
> > http://www.linuxvirtualserver.org/
> > 
> > LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx 
> > Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> > or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> > 
> 
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> 
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx Send 
> requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
> 
> BankservAfrica is a BBBEE level 4 procurement contributor
> 
> This e-mail and its attachments, if any, are subject to BankservAfrica's 
> e-mail disclaimer which is available on 
> http://www.bankservafrica.com/Contactus/EmailDisclaimer.aspx 
> 
> Please consider the environment before printing this e-mail!



> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> 
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

-- 
1&1 Internet AG              Expert Systems Architect (IT Operations)
Brauerstrasse 50             v://49.721.91374.0
D-76135 Karlsruhe            f://49.721.91374.225

Amtsgericht Montabaur HRB 6484
Vorstand: Ralph Dommermuth, Frank Einhellinger, Robert Hoffmann, 
Andreas Hofmann, Markus Huhn, Hans-Henning Kettler, Uwe Lamnek, 
Jan Oetjen, Christian Würst
Aufsichtsratsvorsitzender: Michael Scheeren

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] ldirectord question, Ilo Lorusso Re: [lvs-users] ldirectord question, Aaron West Re: [lvs-users] ldirectord question, Simon Horman Re: [lvs-users] ldirectord question, Aaron West Re: [lvs-users] ldirectord question, Ilo Lorusso Re: [lvs-users] ldirectord question, Aaron West Re: [lvs-users] ldirectord question, Anders Henke <= Re: [lvs-users] ldirectord question, Anders Henke Re: [lvs-users] ldirectord question, Ilo Lorusso Re: [lvs-users] ldirectord question, Anders Henke

Previous by Date:	Re: [lvs-users] ldirectord question, Anders Henke
Next by Date:	Re: [lvs-users] ldirectord question, Ilo Lorusso
Previous by Thread:	Re: [lvs-users] ldirectord question, Aaron West
Next by Thread:	Re: [lvs-users] ldirectord question, Anders Henke
Indexes:	[Date] [Thread] [Top] [All Lists]