|
I know! That section from the newsgroup is from my posts when I was trying to
fix the problem the first time! Sadly, I didn't post a detailed solution or the
actual fix!
But I have now done it.
You have to change the mtu value on the end of the IP tunnel that initiates the
tunnel, ie, the real server. In this instance, a windows 2000 box. This value
should be as close to the mtu value or the physical interface it is going
through, but small enough to ensure there is enough space left for the ipip
header. We use 1400 and have never had any reports of it failing.
To do this you goto registry and add a dword entry called MTU with the decimal
value 1400 (safe) into:
hklm\system\currentcontrolset\services\tcpip\parameters\interfaces\{guid of ip
tunnel}
Restart (did I say it was windows???)
Bingo.
If this is not set, you get lots of 'IPVS: ip_vs_tunnel_xmit(): frag needed'
messages logged to the console.
... and connections hang.
Malcom: loadbalancer.org v0.8 has this problem. I havn't been able to reproduce
it in a newer version, but that doesn't guarantee it have been fixed.
Chris
-----Original Message-----
From: Joseph Mack [mailto:mack.joseph@xxxxxxx]
Sent: 27 May 2004 12:23
To: LinuxVirtualServer.org users mailing list.
Subject: Re: Large HTTP GET/POST timeout
Chris Paul wrote:
>
> Casey,
>
> The problem is one I am only too familiar with.
>
> It is caused by the linux kernel not taking into account the size ipip tunnel
> headers when sending traffic over an ip tunnel.
This problem is described in
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-Tun.html#MTU
(
you would find it eventually by entering "tunnel" and "MTU" into the search
HOWTO search engine listed at the top of
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/
)
It appears to be a kernel problem and not an LVS problem
> 1. Upgrade to kernel 2.6.???
>
> 2. Change the MTU values on the director.
Ratz says that the problem is solved if you set the MTU for the route,
(rather than for the device)
> I solved it by changing the MTU values, but it was nearly a year ago now I a
> can't remember exactly which ones I changed, ie, the RIP on the director, the
> tunnel from the director, or the tunnel from the real server.
Joe
--
Joseph Mack PhD, High Performance Computing & Scientific Visualization
SAIC, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.johnb@xxxxxxx
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://www.in-addr.de/mailman/listinfo/lvs-users
Berkeley Alexander
Temple House, 25-26 High Street, Lewes, East Sussex, BN7 2SD
Tel 01273 477784, Fax 01273 478994
www.baonline.co.uk
PLEASE NOTE:
The information in this e-mail is confidential and may be legally privileged.
It may not represent the views of Berkeley Alexander. It is intended solely for
the addressees. Access to this e-mail by anyone else is unauthorised. If you
are not the intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it, is prohibited and may be
unlawful. Any unauthorised recipient should advise the sender immediately of
the error in transmission.
|
