Hello,
On Mon, 17 Jul 2017, 李春 wrote:
> I have meet a very strange problem in my LVS environment.
>
>
> when I connect to mysqld real server, mysql client is ok.
> when I connect to LVS to access to the real server, mysql client report error.
>
>
> I config the LVS as DR mode like this:
> ```
> ipvsadm -A -t 158.222.165.185:3306 -s wrr
> ipvsadm -a -t 158.222.165.185:3306 -r 158.222.165.125:3306 -g -w 100
> ```
>
>
>
> And I have tcpdump the package on the LVS and real server.
> Sync/Sync+ack/ack of Three-way Handshake is ok,and four-way handshake is ok.
> But when mysql client send the login request (user/password) package,
> the package fragment.
>
>
> As show as follows,The LVS received the package and send it the real
> server correct(length 252).
> But real server get a fragment of the package (length 248) and a error
> chksum. It have missed the 4 bytes fragment of the package.
>
>
> Here is the package I have ```tcpdump -lnnneeevvv``` on the LVS.
> * 9c:dc:71:4d:49:d0 = 158.222.165.126 is the client
> * 24:8a:07:64:7f:21 = 158.222.165.185 is the VIP and the director
> * 24:8a:07:64:56:41 = 158.222.165.185 is the real server
>
>
> LVS package:
> ```
> 19:12:22.229356 9c:dc:71:4d:49:d0 > 24:8a:07:64:7f:21, ethertype IPv4
> (0x0800), length 252: (tos 0x8, ttl 64, id 56669, offset 0, flags
> [DF], proto TCP (6), l
> 158.222.165.126.37691 > 158.222.165.185.3306: Flags [P.], cksum
> 0x5d97 (correct), seq 0:198, ack 83, win 115, length 198
> 19:12:22.229367 24:8a:07:64:7f:21 > 24:8a:07:64:56:41, ethertype IPv4
> (0x0800), length 252: (tos 0x8, ttl 64, id 56669, offset 0, flags
> [DF], proto TCP (6), l
> 158.222.165.126.37691 > 158.222.165.185.3306: Flags [P.], cksum
> 0x5d97 (correct), seq 0:198, ack 83, win 115, length 198
> ```
>
>
> real server packages:
> ```
> 19:12:21.803118 24:8a:07:64:7f:21 > 24:8a:07:64:56:41, ethertype IPv4
> (0x0800), length 248: (tos 0x8, ttl 64, id 56668, offset 0, flags
> [DF], proto TCP (6), l
> 158.222.165.126.37691 > 158.222.165.185.3306: Flags [.], cksum
> 0x5d97 (incorrect -> 0x4883), seq 1:195, ack 83, win 115, length 194
> 19:12:21.803126 24:8a:07:64:7f:21 > 24:8a:07:64:56:41, ethertype IPv4
> (0x0800), length 60: (tos 0x8, ttl 64, id 56669, offset 0, flags [DF],
> proto TCP (6), le
> 158.222.165.126.37691 > 158.222.165.185.3306: Flags [P.], cksum
> 0x7973 (incorrect -> 0x5fb3), seq 199, ack 83, win 115, length 0
> ```
>
>
>
> * we run the test on rhel6.7 with ipvsadm v1.26 2008/5/15 (compiled
> with popt and IPVS v1.2.1)
> * our network engineer have mirror the port of LVS and report that the
> package is fragmented from LVS director.
> * we have replace the broadcom network card to mellanox netword card,
> but it still the same problem
>
>
> And I have not config net.ipv4.ip_forward = 1 accord to
> http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html
> But if I config "net.ipv4.ip_forward = 1 ", there are no package
> fragment. MySQL connect to mysqld (throught LVS) successfully.
>
>
> Have any one meet the problem, do you resolve it ? Or any one can help
> to fix it.
There can be a problem with fragments but your
tcpdump output does not show such fragments, even in
previous emails. According to 'man tcpdump':
Fragmented Internet datagrams are printed as
(frag id:size@offset+)
(frag id:size@offset)
What exactly is the kernel version (uname -a) ?
You can use such minimum options: tcpdump -s0 -lennn -vvv ...
Regards
--
Julian Anastasov <ja@xxxxxx>
|