LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: LVS NAT packets not beein de-masquaraded

from [Johan van den Berg] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: LVS NAT packets not beein de-masquaraded
Cc: Shaun Donovan <SDonovan.HQPO02.HQDomain2@xxxxxxxxxxx>
From: Johan van den Berg <vdberj@xxxxxxxxxxx>
Date: Mon, 07 Mar 2005 12:04:37 +0200 
Hi Horms
Thank you for the response! I was just concerned that nobody sees that as a actual problem at all!
If I knew enough about kernel development I would probably be able to dig in and find the problem myself, but I'm still too new in the whole debugging and testing of kernel code. 

Kind regards
Johan van den Berg

Horms wrote:


Hi Joe,

this definately is a problem that needs to be investigated.
I don't have time right now as I am on holidays, but hopefully
I will get a chance to look into it in the next week or so.
But perhaps Wensong or Julian will get to it first.

On Thu, Mar 03, 2005 at 12:13:40PM -0500, Mack.Joseph@xxxxxxxxxxxxxxx wrote:

Joseph Mack PhD, High Performance Computing & Scientific Visualisation
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007
Federal Contact - John B. Smith 919-541-1087 - smith.john@xxxxxxx

lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx wrote on 03/03/2005 12:00:46
PM:


Hi,

We have a problem with 6 webservers behind an ipvs node
using wlc & nat.

We're seeing SYN packets come in, beeing forwarded to the webserver,
seeing the webserver send a SYN/ACK back to the ipvs node,
and than from
the lvs node back to the client WITHOUT the src address rewritten.

a few people have reported similar problems with LVS-NAT.
It's not happening with LVS-DR. We don't have a solution yet (I don't
think anyone has a fix on the problem). This didn't happen in older
kernels
(2.4.x) and we don't know when it appeared in the 2.6.x kernels.


This happens only to 10 (guestimate) percent of all
connections.

other people have reported 1 event in 6hrs (I seem to remember)
with a heavily loaded server.

Joe





---------------------------------------------------------------------------
This message (and attachments) is subject to restrictions and a disclaimer. Please refer to http://www.unisa.ac.za/disclaimer for full details. 
---------------------------------------------------------------------------
<<<<gwavasig>>>>
<<<< gwavasig >>>>















[More with this subject...]










<Prev in Thread]
Current Thread
[Next in Thread>



















Previous by Date: 
Re: SLES 9 and LVS, Ryan McCain




Next by Date: 
Re: local node port redirection, Mack . Joseph




Previous by Thread: 
Re: LVS NAT packets not beein de-masquaraded, Julian Anastasov




Next by Thread: 
LVS and multiple squid instances, Carsten Thieswald1




Indexes: 
[Date]
[Thread]
[Top]
[All Lists]