|
Hello,
On Fri, 2 Nov 2001, Rob Leasure wrote:
> Hi All,
>
> I am experiencing a problem using LVS behind a CheckPoint firewall.
>
> It seems as though several packets are dropped by the firewall as a
> result of being "out of sequence" When I ask the firewall administrator what
> the problem is, he tells me that he can't be sure, but he has seen this
> problem before when he has had other load balancers using a Virtual IP
> (eth0:0) to balance incoming packets.
>
> So... with that being said, I have to admit I am a little skeptical of
> this assumption that just because I am using a Virtual IP, TCP packets are
> getting out of sync... however, with that being said, the firewall
> administrator seems to be pretty savvy when it comes to TCP, where as I am
> hardly TCP savvy, so I pose the question to the group... Has anyone seen
> anything similar to this problem? and if so, what was done to correct it?
LVS does not change the order of packets. The sequence numbers
are not changes (except for FTP may be). There are no checks that will
restrict packets based on sequence numbers. Which LVS?
> Regards,
> Rob.
Regards
--
Julian Anastasov <ja@xxxxxx>
|
