I've just started trying to put my news server behind LVS. This is so
that I can move it to a new machine without waiting for DNS propagation
times more than anything else.
My long-standing (last recompiled in 1996!) news server is now giving
unexpected socket closes when talking to trn, at least, and probably
other clients.
Closer examination reveals that INN times out idle connections after
30s, and sends an RST. I confess to being out of my depth, tracing
through Salz and Wall code, but rather than closing the connection down,
trn appears to continue to send and get responses when talking direct to
a realserver.
elara is the client, ftel the server.
Here is the ACK for the last frame of the fetching of the active file:
9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk ETHER Type=0800 (IP), size = 54 bytes
9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk IP D=192.65.220.23 S=172.16.2.63 LEN=40, ID=16233, TOS=0x0, TTL=64
9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Ack=4126103406 Seq=1823663889 Len=0 Win=49640
9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk NNTP C port=37095
Then I leave trn to sit, so this timeout packet arrives:
31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 60 bytes
31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk IP D=172.16.2.63 S=192.65.220.23 LEN=40, ID=50483, TOS=0x0, TTL=254
31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Rst Win=49640
31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37095
And then I finally ask trn to do something, and it happily does so:
61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk ETHER Type=0800 (IP), size = 69 bytes
61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk IP D=192.65.220.23 S=172.16.2.63 LEN=55, ID=16234, TOS=0x0, TTL=64
61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Push Ack=4126103406 Seq=1823663889 Len=15 Win=49640
61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk NNTP C port=37095 GROUP uk.misc\r\n
61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 85 bytes
61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk IP D=172.16.2.63 S=192.65.220.23 LEN=71, ID=26453, TOS=0x0, TTL=253
61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Push Ack=1823663904 Seq=4126103406 Len=31 Win=8760
61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37095 211 628 955968 95659
But via LVS, initially things go the same, down to:
7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk ETHER Type=0800 (IP), size = 54 bytes
7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk IP D=192.65.220.53 S=172.16.2.63 LEN=40, ID=45975, TOS=0x0, TTL=64
7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 Ack=4218680163 Seq=2002728032 Len=0 Win=49640
7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk NNTP C port=37098
and ipvsadm --list -c reports:
TCP 14:57 ESTABLISHED 172.16.2.63:37098 192.65.220.53:119 192.65.220.23:119
but then I get this:
29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 60 bytes
29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk IP D=172.16.2.63 S=192.65.220.53 LEN=40, ID=53824, TOS=0x0, TTL=254
29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst Win=49640
29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37098
and ipvsadm reports:
TCP 00:02 CLOSE 172.16.2.63:37098 192.65.220.53:119 192.65.220.23:119
and unsurprisingly, when I shortly afterwards hit return I get:
91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk ETHER Type=0800 (IP), size = 78 bytes
91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk IP D=192.65.220.53 S=172.16.2.63 LEN=64, ID=45976, TOS=0x0, TTL=64
91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 Push Ack=4218680163 Seq=2002728032 Len=24 Win=49640
91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk NNTP C port=37098 GROUP uk.politics.mi
91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk ETHER Type=0800 (IP), size = 60 bytes
91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk IP D=172.16.2.63 S=192.65.220.53 LEN=40, ID=0, TOS=0x0, TTL=62
91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst Seq=4218680163 Len=0 Win=0
91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk NNTP R port=37098
Does anyone have any ideas? It looks like my plans to use LVS in front
of an NNTP cluster are scuppered.
ian
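
An added example, not part of the original post: a small Python parser for the snoop TCP summary lines in the traces above, reporting whether the first client data segment sent after the idle RST was answered with data or with another reset. The sample lines are copied from the post with wrapped lines rejoined; the function and variable names are this example's own.

```python
import re

# TCP summary lines copied from the post's traces (wrapped lines rejoined).
DIRECT = """\
9.67888 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Ack=4126103406 Seq=1823663889 Len=0 Win=49640
31.74277 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Rst Win=49640
61.01442 elara.ftel.co.uk -> ftel.ftel.co.uk TCP D=119 S=37095 Push Ack=4126103406 Seq=1823663889 Len=15 Win=49640
61.04432 ftel.ftel.co.uk -> elara.ftel.co.uk TCP D=37095 S=119 Push Ack=1823663904 Seq=4126103406 Len=31 Win=8760
"""
VIA_LVS = """\
7.42935 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 Ack=4218680163 Seq=2002728032 Len=0 Win=49640
29.99934 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst Win=49640
91.01342 elara.ftel.co.uk -> ext-proxy.ftel.co.uk TCP D=119 S=37098 Push Ack=4218680163 Seq=2002728032 Len=24 Win=49640
91.01451 ext-proxy.ftel.co.uk -> elara.ftel.co.uk TCP D=37098 S=119 Rst Seq=4218680163 Len=0 Win=0
"""

LINE = re.compile(r"^(\S+) (\S+) -> (\S+) TCP D=(\d+) S=(\d+) (.*)$")

def parse(trace):
    """Yield one dict per snoop TCP summary line; other lines are skipped."""
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        t, src, dst, dport, sport, rest = m.groups()
        length = re.search(r"\bLen=(\d+)", rest)  # the first RSTs carry no Len=
        yield {"t": float(t), "from": (src, int(sport)), "to": (dst, int(dport)),
               "rst": "Rst" in rest.split(), "len": int(length.group(1)) if length else 0}

def after_idle_rst(trace):
    """Classify the reply to the first data segment sent to the RST sender."""
    rst_from = None   # (host, port) that sent the first RST
    pending = None    # first data segment sent to that endpoint afterwards
    for p in parse(trace):
        if rst_from is None:
            if p["rst"]:
                rst_from = p["from"]
        elif pending is None:
            if p["to"] == rst_from and p["len"] > 0:
                pending = p
        elif p["from"] == rst_from and p["to"] == pending["from"]:
            return "reset" if p["rst"] else "answered"
    return "no-rst" if rst_from is None else "unanswered"

if __name__ == "__main__":
    for name, trace in (("direct", DIRECT), ("via LVS", VIA_LVS)):
        print(name, after_idle_rst(trace))
```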