|
Hi
I know that most of you already know about this problem that I have, and
will therefore only give a brief description:
An incoming connection gets successfully added to the connection
table, and ip_vs nats the packet to the correct real server. Every now
and again though, the response from the real server, upon lookup, does
not find the correct vip in the connection table, and ip_vs passes the
packet to iptables.
Someone earlier mentioned that the lookup might fail because of a race
condition within the kernel. Could this be because of SMP/Hyperthreaded
CPU's? Should I even try compiling my kernel for no SMP support to see
if it helps?
I have a Intel XEON 2 processor HT box, now running RH8, and a vanilla
2.4.28 with the ipvs-nfct-2.4.27-3 patch applied (I was hoping to see
the failed lookup not causing problems because iptables would also find
the entry in its own lookup table, but I obviously misunderstood the
implications of nfct, as the problem still persists).
Johan van den Berg
---------------------------------------------------------------------------
This message (and attachments) is subject to restrictions and a disclaimer.
Please refer to http://www.unisa.ac.za/disclaimer for full details.
---------------------------------------------------------------------------
<<<<gwavasig>>>>
<<<< gwavasig >>>>
|
