LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: Persistance and LVS

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>, Horms <horms@xxxxxxxxxxxx>
Subject: Re: Persistance and LVS
From: Joseph Mack <mack.joseph@xxxxxxx>
Date: Thu, 06 May 2004 10:39:50 -0400
Horms wrote:
> 

> 
> LVS-NAT in 2.4 (and I assume 2.6) does not modify the source port
> so there is no possibility of collision.

OK. For regular NAT (not LVS-NAT) and your NAT router has one ethernet
connection to the outside world. Let's say we have clients connecting to
the outside world from both the NAT box and from boxes on the NAT'ed 
network inside. Isn't it possible that a client on the NAT box and a
client on one of the NAT'ed boxes will call from the same port?


> A persistance template is just like a connection entry.
> It uses the same data structure. And is stored in
> the same hash table. The only difference is that the source
> port is set to 0 so that it can be identified as a persistance
> template. 

Let's say I make VIP:https persistent. There will be an entry in
the hash table for VIP:https and another entry for VIP:0 in the
persistence template. How does ipvsadm know to make only VIP:https
persistent?

> This means that it will never match a hash-table lookup
> for a connection entry. And a connection entry will never
> match a lookup for a persistance template which is made in
> the scheduling code.

I don't know enough about what's going on here to know whether this
would or would not be true. Can you explain more?

> 
> The purpose of a persistance template is, in a nutshell, to
> effect persistance. When a connection is started for a persistant
> virtual service, the persistance template is looked up. If it
> exists then it is used - that is the connection will be forwarded
> to the same real server as the previous corresponding connection.
> Otherwise the connection is scheduled, just like a connection for
> a non-persistant virtual service, and the persistance template is
> created.

I presume this has something to do with my question about how ipvsadm
makes only VIP:https persistent.
 
> Like connection entries, persistance templates have timeouts.
> Actually, again, it is handled by the same code. The only difference
> is that for persistance templates, the timeout is set by the
> persistance timeout configured using ipvsadm. Whereas for connection
> entries the timeout depends on the connection's state.

my knowledge of persistence templates is sorely lacking.

Thanks 
Joe

-- 
Joseph Mack PhD, High Performance Computing & Scientific Visualization
SAIC, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
<Prev in Thread] Current Thread [Next in Thread>