
Re: Cisco routers dynamic ARP caching

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx, woods@xxxxxxxx
Subject: Re: Cisco routers dynamic ARP caching
From: Joseph Mack <mack.joseph@xxxxxxx>
Date: Mon, 05 Aug 2002 07:03:33 -0400
Greg Woods wrote:
> 
> I have been told by our network guys here (and I hope to confirm this once
> I find a copy of the hidden patch) that Cisco routers use dynamic ARP
> caching. This means, the router will place an entry into its ARP cache
> any time it sees a particular MAC/IP address combination, without
> ever issuing an explicit ARP and receiving a response. This of course
> will break DR LVS's, since silencing ARP on the real server is no longer
> sufficient to keep its MAC address out of the router's ARP cache.

Unlike ethernet, where there is no requirement for packets from the same IP
to come from the same MAC address, for ATM this is a requirement. So you
can't use LVS-DR with ATM. We've had only one person try ATM so far and
he didn't get it to work apparently for this reason.

At the netfilter BOF at the Ottawa Linux Symposium this year this subject
(LVS sending packets from the VIP with different MAC addresses) came up and
Harald Welte said (I hope I'm not misquoting him) that he'd be happier if
all these packets had the same MAC address. You can change the MAC address 
on the packets if you're willing to rewrite a bit of code (this is what 
Alexandre is doing for the arp'ing VIPs on two directors for failover, with 
his vrrpd code) and have the packets all come from a private MAC address
(the MAC equivalent of the 192.168.x.x IP addresses). I talked to Lars about
having code in LVS which puts the same MAC address on all packets from the VIP
and he said that since this wasn't part of the ethernet spec that we shouldn't
do it. However it would make life easier for anyone using ATM. I e-mailed
Julian and Alexandre about it and for the number of people using LVS on ATM
they weren't interested in doing anything about it.

> I tried setting up a NAT LVS, but when I did this, all the connections
> to the real servers appeared to come from the director, so I lose information
                                                             ^
> about who the client is. 

Who is "I"? The realservers have the CIP and know who the client is.

Joe

-- 
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center, 
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
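
Added example, not part of the original message: a small simulation of the behaviour described in the quoted text, comparing a neighbour cache that learns only from ARP replies with one that also learns from the source MAC/IP of any frame it sees on an LVS-DR segment. All addresses and the `learn` helper are constructed for illustration, and the passive-learning model is an assumption taken from the quoted description, not a statement of how any particular router behaves.

```python
import struct

ETH_IP, ETH_ARP = 0x0800, 0x0806
mac = lambda s: bytes.fromhex(s.replace(":", ""))
ip = lambda s: bytes(map(int, s.split(".")))

# Constructed sample addresses (documentation ranges), not from the thread.
VIP, CLIENT, ROUTER_IP = "192.0.2.110", "198.51.100.7", "192.0.2.1"
DIRECTOR, RS1, RS2, ROUTER = ("00:00:5e:00:53:%02x" % n for n in (1, 0x11, 0x12, 0xfe))

def ip_frame(src_mac, dst_mac, src_ip, dst_ip):
    # Ethernet header + bare 20-byte IPv4 header (checksum left 0, not checked here)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0, ip(src_ip), ip(dst_ip))
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETH_IP) + hdr

def arp_reply(src_mac, dst_mac, src_ip, dst_ip):
    body = struct.pack("!HHBBH6s4s6s4s", 1, ETH_IP, 6, 4, 2,
                       mac(src_mac), ip(src_ip), mac(dst_mac), ip(dst_ip))
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETH_ARP) + body

def learn(frames, passive):
    """Replay frames into a neighbour cache; return (cache, rebinds)."""
    cache, rebinds = {}, []
    for f in frames:
        etype = struct.unpack("!H", f[12:14])[0]
        if etype == ETH_ARP and f[20:22] == b"\x00\x02":   # ARP reply: sender IP/MAC
            addr, hw = f[28:32], f[22:28]
        elif etype == ETH_IP and passive:                  # any IP frame: source IP/MAC
            addr, hw = f[26:30], f[6:12]
        else:
            continue
        addr, hw = ".".join(map(str, addr)), hw.hex(":")
        if addr in cache and cache[addr] != hw:
            rebinds.append((addr, cache[addr], hw))        # same IP, new MAC
        cache[addr] = hw
    return cache, rebinds

# Frames the router sees: the director answers ARP for the VIP, then each
# realserver sends its LVS-DR reply to the client directly, sourced from the VIP.
FRAMES = [
    arp_reply(DIRECTOR, ROUTER, VIP, ROUTER_IP),
    ip_frame(RS1, ROUTER, VIP, CLIENT),
    ip_frame(RS2, ROUTER, VIP, CLIENT),
]

if __name__ == "__main__":
    for passive in (False, True):
        cache, rebinds = learn(FRAMES, passive)
        print("passive=%s VIP->%s rebinds=%d" % (passive, cache[VIP], len(rebinds)))
```

With ARP-only learning the VIP stays bound to the director; with passive learning it ends up bound to whichever realserver replied last, so client traffic for the VIP would bypass the director.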

