Darek M wrote:
>
> Hey guys,
>
> LVS on Slackware 8.1 operating in the NAT option.
>
> It works very well with one exception. When making a request to the site,
> the connection seems to stall for anywhere from 3 to 6 seconds before the
> page is returned to the client browser.
>
> I will paste a tcpdump log below.
I assume this was run on the director (thanks for the substitution of
IPs by LVS functional names BTW)?
> Is this a somewhat common occurance? I
usually this happens if the service is running inside tcpwrappers but you
usually don't run httpd from inetd inside tcpwrappers.
The only time this has happened to me is if the routing is strange and
icmp or whatever has to recover the route for you. This would not
account for the telnet client working.
> double checked the network connectivity, and swapped around interfaces, and
> NICs and their drivers with no remedy. Maybe there is a patch out for
> this? I am pretty confident that I followed the install procedure
> correctly but it does look to me like it is the LVS kernel module/software
> deciding where to send the packets.
>
> Also, I do not suppose keepalived that I use would have anything to do with
> it. It just updates the pool.
>
> There is a delay in the internal server's response, but telnetting to port
> 80 from the loadbalancer itself yields an instantaneous response and
> banner.
I will assume there is some wierdness in your setup.
Suggestions:
run tcpdump on all machines (both realservers, director inside and outside NIC)
and look for packets sent during the pause.
>
> I appreciate any feedback. And maybe other ways of trouble shooting this.
>
> A picture is in order.
> +-----------------------------------+
> (client) --> |public_server_ip (public interface)|
> | 10.6.6.1 (private interface) |(loadbalancer)
> +-----------------------------------+
> | |
> | |
> 10.6.6.10 (webserver) 10.5.5.10 (inactive)
why it realserver_2 inactive? Is it not listed as a realserver in ipvsadm?
If you have both realservers in the setup and the webpage has several
hits (eg an image in it), then it is likely that the client will
be getting parts of the webpage from both realservers. Check by
making the index.html file to only contain one string eg (html'ized) "foo".
In this case you may have the default route incorrect for one of the
realservers.
Joe
--
Joseph Mack PhD, Senior Systems Engineer, SAIC contractor
to the National Environmental Supercomputer Center,
ph# 919-541-0007, RTP, NC, USA. mailto:mack.joseph@xxxxxxx
|