LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: Problems with LVS-DR

from [Wensong Zhang] [Permanent Link]
To: Ray Bellis <rpb@xxxxxxxxxxxxxxxx>
Subject: Re: Problems with LVS-DR
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Wensong Zhang <wensong@xxxxxxxxxxxx>
Date: Thu, 30 Dec 1999 23:02:21 +0800 
Ray Bellis wrote:
> 
> We're trying to configure our network to use LVS-DR but we're having
> problems.
> 
> According to our TCP dumps it appears that our ACK responses to the initial
> SYN packet are being blocked by the LVS server.  This happens even when
> there are no ipchains rules installed.  We can see the SYN packet being
> received on the real server and a TCP dump shows the ACK being transmitted,
> but on the external side of the LVS server the ACK doesn't appear.
> Connections directly to the RIPs work perfectly.
> 
> I'd gratefully appreciate any hints on how to prevent this!
> 
> Our config:
> 
> LVS: 0.9.7 + 2.2.13
> 
> ipvsadm -A -t 195.72.163.65:80 -p 600 -s wlc
> ipvsadm -a -t 195.72.163.65:80 -R 195.72.163.34 -g
> ipvsadm -a -t 195.72.163.65:80 -R 195.72.163.35 -g
> 
> The VIP address 195.72.163.65 is configured on a loopback alias on both the
> LVS server and the real machines.  The LVS VIP is advertised by OSPF on the
> external LAN, and is in a different subnet to the RIPs (195.72.163.32/27).
> 

In the LVS/DR, it requires that the load balancer and each server must
be directly connected to one another by a single uninterrupted segment
of a LAN, because the load balancer simply changes the MAC address of
the data frame to that of the chosen real server and restransmits it
on the LAN.

Since your VIP is 195.72.163.65 and real servers are in the
195.72.163.32/27 network, I guess that your load balancer and real
servers are in different network and this is the reason that your
configuration is broken. Unless you add another NIC card on your load
balancer and configure one IP of 195.72.163.32/27 on it, then your
load balancer is directly linked to real servers. Or, you can try
LVS/TUN.

Hope it helps,

Wensong


> thanks,
> 
> Ray.
> 
> --
> Ray Bellis, MA(Oxon) - Technical Director - community internet plc
> 
> Windsor House, 12 High Street, Kidlington, Oxford, OX5 2PJ
> tel:  +44 1865 856000   email: ray.bellis@xxxxxxxxxxxxxxxx
> fax:  +44 1865 856001     web: http://www.community.net.uk/
> 
>   ----------------------------------------------------------------------
> ----------------------------------------------------------------------
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
> For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx

----------------------------------------------------------------------
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe, e-mail: lvs-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: lvs-users-help@xxxxxxxxxxxxxxxxxxxxxx
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Patch for 2.2.5-15 (redhat), Wensong Zhang
Next by Date:  Re: Off-Topic: Patents, Wensong Zhang
Previous by Thread:  Problems with LVS-DR, Ray Bellis
Next by Thread:  Re: Newbie redirect/tunneling question (solved), harlan
Indexes:  [Date] [Thread] [Top] [All Lists]