|
Alois Treindl wrote:
>
> I have to expect problems, if the page is created by a CGI and
> contains dynamically created GIFs it it, as the hits for these gifs
> will land on a different realserver than the one where the cgi runs.
This problem can be solved with fwmark (thanks Horms and Julian).
Here's a setup for a 2.4.x kernel
#put fwmark=1 on all tcp packets for VIP:http arriving on eth0
director:# iptables -t mangle -A PREROUTING -i eth0 -p tcp -s 0.0.0.0/0 \
-d 192.168.1.110/32 --dport http -j MARK --set-mark 1
#setup 2 real-servers to persistently forward packets with fwmark=1 with rr
scheduling
director:# ipvsadm -A -f 1 -s rr -p 600
director:# -a -f 1 -r sneezy.mack.net:0 -g -w 1
director:# -a -f 1 -r bashfull.mack.net:0 -g -w 1
#output setup
director:# iptables -L -t mangle
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
MARK tcp -- anywhere lvs.mack.net tcp dpt:http MARK
set 0x1
director:# ipvsadm
IP Virtual Server version 0.2.11 (size=16384)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
FWM 1 rr persistent 600
-> bashfull.mack.net:0 Route 1 0 0
-> sneezy.mack.net:0 Route 1 0 0
Here's the output of ipvsadm after the successful generation
and display of the dynamically generated gif.
Note all connections went to one real-server.
director:# ipvsadm
IP Virtual Server version 0.2.11 (size=16384)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
FWM 1 rr persistent 600
-> bashfull.mack.net:0 Route 1 5 3
-> sneezy.mack.net:0 Route 1 0 0
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
