|
Hi,
> I have the following problem, I have a loadbalancer to loadbalance
> https/http, pop and smtp request. Al are working fine except for https.
> I get some times a connection refused.
> If I look with tcpdump I get a "tcp port https unreachable". But the
> real servers are ok, I test them also directly no problem with that. But
> via the loadbalancer I get sometimes the port unreachable problem. At
> that time both the realservers are in the loadbalancer.
I've got the same problem, but also with http. I use LVS-DR with one of
the real servers on the director:
IP Virtual Server version 1.0.10 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 212.204.230.98:80 sh
-> 212.204.230.91:80 Route 1 3 0
-> 212.204.230.96:80 Local 1 0 0
Both real servers work fine, and most of the time, the virtual server also
works. However sometimes, clients get "connection refused". After a few
minutes, everything's fine again.
A tcpdump on the client shows "bad tcp cksum". Unfortunately I don't know
what that means.
11:02:06.112745 IP (tos 0x0, ttl 64, id 35405, offset 0, flags [DF],
length: 60) 10.60.0.20.50259 > 212.204.230.98.http: S [bad tcp cksum c5ad
(->95f7)!] 4101824739:4101824739(0) win 65535 <mss 1460,nop,wscale
0,nop,nop,timestamp 918167251 0>
The load balancer returns ICMP port unreachable messages to the client:
12:32:55.431896 212.204.230.98 > hq.appoint.nl: icmp: 212.204.230.98 tcp
port www unreachable for hq.appoint.nl.52752 > 212.204.230.98.www: S
2831096624:2831096624(0) win 65535 <mss 1460,nop,wscale
0,nop,nop,timestamp[|tcp]> (DF) (ttl 58, id 20064, len 60) [tos 0xc0]
(ttl 64, id 23682, len 88)
I hope someone can help. At this point, I don't consider the LVS ready for
production :-(
Best regards,
Martijn.
|
