LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

LVS and CBQ

To: "lvs-users@xxxxxxxxxxxxxxxxxxxxxx" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: LVS and CBQ
From: joern maier <joern.maier@xxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Oct 2000 13:24:26 +0200
Hi there,

I hope anybody of you can help me. I´ve got a problem using LVS and CBQ
(class based queueing -> feature of advanced routing of the Linux
Kernel)
with CBQ you can shape bandwidth (see adv_routing_how_to)
The problem is as follows:

I´ve got a setup like this using LVS and direct_routing, aller hosts are
Athlon 800MHZ, 256MByte RAM, 3com90x 100Mbit Netcard using SuSE Linux
7.0
i.e. Kernel 2.2.16:



                                        ---server_1 (lo:0 192.168.10.17)
                                       /
   client  --------------|-----------------server_2 (lo:0 192.168.10.17)
192.168.10.15        load balancer     \
                      (with CBQ)        ---server_3 (lo:0 192.168.10.17)
               eth0:110 = 192.168.10.17    


the real IP-Adr of the real servers are:
server_1: 192.168.10.07
server_2: 192.168.10.08
server_3: 192.168.10.09

the real IP-Adr of the LB is:
192.168.10.01

serviced which are provided by LVS are telnet and http

additional services on the director which are set up with IP
192.168.10.01
and should therefore be unknown to the director and just be accessable
via
the real name of this server are: telnet, http and ftp

the client is just for testing purposes

what I´m trying to do is shaping the bandwidth from the load balancer to
the
webservers in a way that the client (src 192.168.10.15)  is allowed to
send a
a maximum of 200KBit/s of data to the servers. Therefore I compiled the
kernel
of the LB (=VS.director) with the appropriate features. However it
simply does
not care about the bandwidth limitation. I tried it in two different
ways:
attempt 1:
I implemented a CBQ filter like this:

# tc filter add dev eth0 parent 100:0 protocol ip prio 100 u32 match ip
src 192.168.10.15 flowid 100:100

-> the queue 100:100 is set to a range of 200Kbit/s but this is just
ignored. As many
data as is send by the client is forwarded to the realservers

attempt 2:

I set the filter roule in a way that every package marked with 100 by
the firewall is 
put into the above mentioned queue (100:100):

# tc filter add dev eth0 protocol ip parent 100:0 prio 100 handle 100 fw
classid 100:100

then I set up the firewall with the following roule:

# ipchains -A input -p ip -s 192.168.10.15 -m 100 -j ACCEPT

after doing this, the LB (VS.director) did not forward any packet to the
real_servers
anymore. Trying it with http he used teh webserver which runs on the
same
machine as the director but should be unknown to the director because it
is set up on the real IP of the director and never mentioned in any of
the configuration skripts.

using one of the following roules nothing happend:
# ipchains -A forward -p ip -s 192.168.10.15 -m 100 -j ACCEPT
or
# ipchains -A output -p ip -s 192.168.10.15 -m 100 -j ACCEPT

has anybody a clue what I´ve done wrong or if you need some more
information so
please e-mail me.

thanks,
  Joern


<Prev in Thread] Current Thread [Next in Thread>