Re: Announcing: IPVS v0.9.0

To: Jake Buchholz <jake@xxxxxxxxxx>
Subject: Re: Announcing: IPVS v0.9.0
Cc: LVS Mailinglist <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Wensong Zhang <wensong@xxxxxxxxxxxx>
Date: Tue, 28 Sep 1999 23:38:31 +0800

Jake Buchholz wrote:
> On Fri, Sep 24, 1999 at 07:34:46PM +0800, Wensong Zhang wrote:
> > Virtual Server patch for Linux 2.2 - Version 0.9.0 - September 24, 1999
> [...]
> > -   Added new persistent service handling
> [...]
> >     For all the
> >     persistent services except FTP, we create a masq template like
> >     <daddr, 0, maddr, mport, saddr, sport>. So, the persistent services
> >     won't disturb each other, and it fixes the wrong accounting bug for
> >     different persistent services.
> [...]
> >     For passive
> >     FTP, FTP server tells the clients the port that it passively listens
> >     to,  and the client issues the data connection. In the tunneling or
> >     direct routing mode, the load balancer is on the client-to-server half
> >     of connection, the port number is unknown to the load balancer. So, a
> >     template masq like <daddr, 0, maddr, 0, saddr, 0> is created for
> >     persistent FTP service.
> Now, if I read this right, it says that I could persistently redirect
> different services on one virtual IP to different servers -- as long as
> no passive FTP is involved.
> When passive FTP is involved on a virtual IP, however, ALL services on
> that IP are persistently linked to one server (based, of course, on
> source addr.)  For example, I wouldn't be able to reroute :80 to a
> set of web-only servers, and reroute :20, :21, :<passive-ports> to FTP-
> only servers.  Right?
> If this is indeed the case, would it be possible to circumvent this
> nature by providing some kind of "fallback" LVS entry?  Something like:
>         # reroute HTTP
>         ipvsadm -A -t -s rr
>         ipvsadm -a -t -r -g
>         ipvsadm -a -t -r -g
>         # reroute HTTPS
>         ipvsadm -A -t -s rr -p
>         ipvsadm -a -t -r -g
>         ipvsadm -a -t -r -g
>         # fallback (FTP, passive FTP, and everything else)
>         ipvsadm -A -t -s rr -p
>         ipvsadm -a -t -r -g
>         ipvsadm -a -t -r -g

No, don't need to do this. Just simple put the following commands for
FTP service (in the v0.9.x):
        ipvsadm -A -t -s rr -p
        ipvsadm -a -t -r -g
        ipvsadm -a -t -r -g

Yeah, it works for multiple persistent service on a virtual IP address.


> So that if a connection comes around that's specificially defined (like
> an HTTP or HTTPS connect), it works as it should. However, if a specific
> entry for that IP's port is NOT found, the fallback :0 entry would apply.
> Is this how things currently work?  And if not, would it be possible or
> even desirable to do it this way?
> --
> Jake Buchholz, ExecPC Sr. Systems Administrator :           /~\
> jake@xxxxxxxxxx --  :    ASCII  \ /  Against
> Fngrpt PGP262: 29f3322af2da07994dc03fdf1f50aed2 :   Ribbon   X   HTML
> GnuPG: 53d97ab3d279f731e7d2fc1197ca38544423882b : Campaign  / \  Mail

---------------------------------------------------------------------- mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>