LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Infinetely scalable DR

To: Lars Marowsky-Bree <lmb@xxxxxxx>
Subject: Re: Infinetely scalable DR
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 23 May 2000 16:16:33 +0300 (EEST)
        Hello,

On Tue, 23 May 2000, Lars Marowsky-Bree wrote:

> Good morning,
> 
> during my presentation about LVS at SANE2000, an attendee brought up the
> following suggestion:
> 
> Apparently, TCP/IP allows for the server to reply with a _different_ source
> address then the one the SYN packet was send to, and establish the connection
> to that adress instead.
> 

        How is that possible. Is it explained in some rfc?

> What this implies is the following:
> 
> If DR is used to resend the first SYN packet to the real server A, and A
> establishes the connection to the client with one of its own addresses, the
> LVS is _not_ involved in any further communication between the client and the
> real server.
> 
> Advantages:
> - Infinetely scalable. The LVS only sees the first packet of every connection,
>   instead of every incoming packet.
> - Desireable in a failover setting. Since the LVS is only involved for
>   establishing the connection, no established connections die on failover of
>   the LVS box.
> - Implicitly solves the problem that the LVS box may not be in the return path
>   with a DR setup, since it no longer sees a packet comeing from one of its
>   locally bound addresses.
> 
> This appears to be supported by most all TCP/IP implementations. Does anyone
> know if this is true or not?

        Looking in the kernel source I don't see such possibility.
> 
> It appears to me, that if this IS true, and if it is supported by a wide
> enough range of networking equipment, this would totally rule ;-) I don't have
> my Stevens handy on the road though, so I can't check myself right now.
> 
> This would not even involve changing the DR code, but instead adding a special
> kernel patch on the real servers, which had to reply with a different address
> than the one the packet was send to.

        I see the benefits. But I can't believe :) More info?


Regards

--
Julian Anastasov <uli@xxxxxxxxxxxxxxxxxxxxxx>



<Prev in Thread] Current Thread [Next in Thread>