|
Hi,
>
> > I really would appreciate to generate, together with your help, a
> > flowchart of the whole tcp-connection. Let me start [thankx to Joe for
> > the picture in the LVS-HOWTO :) ]. LVS-DR, sched=rr, weight S#=1,
> > http-GET-Request!
> >
> > _______
> > | |
> > | C | CIP
> > |_______|
> > |
> > |
> > ___|___
> > | |
> > | R |
> > |_______|
> > |
> > |
> > | __________
> > | DIP | |
> > |------| LB |
> > | VIP |__________|
> > |
> > |
> > |
> > -------------------------------------
> > | | |
> > | | |
> > RIP1, VIP RIP2, VIP RIP3, VIP
> > ____________ ____________ ____________
> > | | | | | |
> > | S1 | | S2 | | S3 |
> > |____________| |____________| |____________|
> >
> >
> > C=Client, R=Router, S#=Realserver #, LB=Loadbalancer, ac=active
> > connections, ic=inactive connections,
> >
> >
> > C (R) LB S1 TCP_STATE(LB) ac ic
> > 1+2) CIP -----------SYN------------> VIP ----SYN----> RIP1
> > SYN_RECV 1 0
> > 3) CIP <-------------------SYN/ACK----------------- RIP1
> > 4+5) CIP -----------ACK------------> VIP ----ACK----> RIP1
> > ESTABLISH 1 0
> >
> > ok, lets start sending real data
> >
> > 6) CIP -----------ACK------------> VIP ----ACK----> RIP1
> > ESTABLISH 1 0
> > ...
> >
> > So, now, we are finished, and want to close the connection. First
> > problem: IMHO the loadbalancer is not able to distinguish between active
> > close on the server side and active close and the clients side. This
> > leeds to two final close sceneries (without SACK):
> >
> > active close on server side
> > ===========================
> >
> > 1) CIP <---------------------FIN------------------- RIP1
> > ESTABLISH 1 0
> > 2+3) CIP ---------ACK--------------> VIP ----ACK----> RIP1
> > ESTABLISH 1 0
> > 4+5) CIP ---------FIN--------------> VIP ----FIN----> RIP1
> > CLOSE_WAIT/CLOSED? 0 1 ?
> > 6) CIP <---------------------ACK------------------- RIP1
> > CLOSE_WAIT/CLOSED? 0 1 ?
> >
> > how does the lb know when he has to switch from CLOSE_WAIT to CLOSED? Or
> > does he just switch to CLOSED?
> >
>
> Since LVS/DR box is only on the client-to-server connection, the LVS/DR
> catch FIN packet and turns into the FINWAIT state, whose default timeout
> is 2 minutes in the system now.
>
> > active close on client side
> > ===========================
> >
> > 1+2) CIP ---------FIN--------------> VIP ----FIN----> RIP1
> > CLOSE_WAIT? 0 1 ?
> > 3) CIP <---------------------ACK------------------- RIP1
> > CLOSE_WAIT? 0 1 ?
> > 4) CIP <---------------------FIN------------------- RIP1
> > CLOSE_WAIT? 0 1 ?
> > 5+6) CIP ---------ACK--------------> VIP ----ACK----- RIP1
> > CLOSE_WAIT/CLOSED? 0 1 ?
> >
>
> The handling of LVS/DR in this situation is the same as above.
>
> > I hope someone can help me with my confusion and that we can put this
> > chart into the HOWTO, so everybody can understand how the loadbalancer
> > is really working. What's missing? The whole IP_VS_MASQ_TABLE in the
> > ip-layer (according to Wensong), SYN-cookies, SYN-drop. I'd really like
> > to draw the whole functional chart but since I'm not sure mixing up the
> > whole stuff I want add more.
> >
> >
I think :
client(cip) lvs/dr(vip)
rs(rip)
SYN-SENT
|--------------------------->|SYN_RCVD----------------------->|SYN_RCVD
(active | SYN,SEQ=x | SYN,SEQ=x |
open) | | |
ESTABLISHED|<------------------------------------------------------------|
| SYN,SEQ=y,ACK=x+1 |
| | |
|--------------------------->|ESTABLISHED-------------------->|ESTABLISHED
| ACK=y+1 | ACK=y+1 |
| | |
| | |
|<------------------------------------------------------------|
| Data trasfering |
|<------------------------------------------------------------|
| | |
FIN_WAIT_1
|--------------------------->|TIME_WAIT---------------------->|CLOSE_WAIT
(active | FIN,SEQ=u | | FIN,SEQ=u |
close) | | |2 |
| | | |
FIN_WAIT_2 |<---------------------------------------|--------------------|
| ACK=u+1 |minutes |
| | | |
TIME_WAIT
|<---------------------------------------|--------------------|LAST_ACK
| FIN,SEQ=v,ACK=u+1 | |
| | |(CLOSED??) |
| | | |
CLOSED
|--------------------------------------->|CLOSED------------->|CLOSED
ACK=v+1 ACK=v+1
Is it right?
There is a question:
if lvs's TIME_WAIT stutas had gone out,how will the
client's ACK=v+1 signal go to the realserver?
Regards
Wenyuan Kuang
|
