* On 03/05/01 ja@xxxxxx wrote:
> On Mon, 5 Mar 2001, William Clements wrote:
>
> > > Is there an ipchains -I input -s 10.0.0.0/24 -j DENY rule in
> > > the real servers? I assume you try to test the throughput in the
> > > director and not to flood your web services. The traffic can be
> > > redirected to another place if you don't follow the instructions
> > > to block it in the real servers. You have to describe your setup.
> > >
> >
> > I'm not using ipchains anywhere. I used "route" on the
> > real webservers to drop the bogus route.
>
> OK
>
> > > > Using show_traffic.sh I get the following:
> > > >
> > > > director: ~ 1002 packets/sec
> > > > webserver1: ~ 50 packets/sec
> > > > webserver2: ~ 50 packets/sec
> > > >
> > > > (as per the show_traffic.sh default, all measurements are over
> > > > a 10 second period of time)
> > > > So, I'm wondering what happened to the "other" packets.
> > > > Any thoughts?
>
> Hm, maybe the packets are dropped in the director. Maybe
> you have rp_filter=1 and no route to 10/8. What about adding in the
> director:
>
> ip route add default via some_gateway dev eth0
> or just
> ip route add 10/8 via the_same_gateway dev eth0
>
> The gateway can simply be the client host where you run
> testlvs, i.e. the device where the requests come from if we don't want
> to cause more troubles when using rp_filter.
>
> If you don't have a route to the used spoofed source addresses,
> which are from 10.0.0.0/8 by default, the rp_filter in the director
> just drops them. This is the only difference I can see when using
> testlvs and other L7 clients (ab, ptester, etc) which use normal
> source addresses.
>
Humm....
/sbin/sysctl -a | grep rp_filter:
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.rp_filter = 0
(I reset net.ipv4.conf.all.rp_filter)

As for the gateway, my default gateway should catch all the 10.0.0.0/8
IPs, and this traffic should show up on my firewall (as is actually the
case for the real webservers before I dropped in a routing rule).
But I have not seen any traffic from the director. I took your
suggestion and added the additional route for the director anyway, but
still the same result.

I guess I'll try tcpdump next. Much thanks for the help.

Will
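
The reverse-path check discussed in this thread, as a simplified model (an added example, not part of the original messages and not kernel code). The routing table, the 192.168.1.0/24 prefix, the eth1 device and the 10.1.2.3 source are constructed assumptions; only the 10.0.0.0/8 range, eth0 and the rp_filter values come from the thread.

```python
import ipaddress

# Constructed director routing table (prefix, device); an assumption for this example.
DIRECTOR_ROUTES = [("192.168.1.0/24", "eth0")]

def route_dev(routes, addr):
    """Longest-prefix match: device used to reach addr, or None if no route."""
    ip = ipaddress.ip_address(addr)
    best = None
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None

def rp_filter_verdict(routes, src, in_dev, rp_filter):
    """Simplified strict reverse-path check for a packet from src arriving on in_dev."""
    if rp_filter == 0:
        return "accept"  # check disabled, as in the sysctl output above
    back = route_dev(routes, src)
    if back is None:
        return "drop: no route to source"
    if back != in_dev:
        return "drop: reply would leave via " + back
    return "accept"

def demo():
    spoofed = "10.1.2.3"  # constructed; testlvs sources come from 10.0.0.0/8
    # Equivalent of: ip route add 10/8 via <gateway> dev eth0
    fixed = DIRECTOR_ROUTES + [("10.0.0.0/8", "eth0")]
    # A more specific route out of another device (hypothetical eth1)
    asym = fixed + [("10.1.0.0/16", "eth1")]
    return [
        rp_filter_verdict(DIRECTOR_ROUTES, spoofed, "eth0", 1),
        rp_filter_verdict(fixed, spoofed, "eth0", 1),
        rp_filter_verdict(asym, spoofed, "eth0", 1),
        rp_filter_verdict(DIRECTOR_ROUTES, spoofed, "eth0", 0),
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The model covers only the reverse-path decision; it does not model any other reason a packet might be dropped in the director.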