Hi All,
I'm trying to build a redundant squid setup with LVS-DR on Gentoo. I
have all the individual bits up and running, but am having difficulty
getting it all to play nicely.
I can connect via telnet to the individual squid servers OK, and if I try
to connect to the VIP it works fine, as long as the realserver chosen is
the localserver. If ipvsadm chooses gb-squid2, I get a timeout.
Heartbeat and failover seem to work; if I shut down gb-squid1, gb-squid2
gets the VIP.
I hope I've dealt with the ARP problem by doing:
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
The kernel is gentoo-dev-sources 2.6.10-r6, and comes with all the LVS
patches.
The problem seems to be the re-directing of the packets, either in the
re-direction itself, or the acceptance by the 2nd realserver. Here's a
tcpdump from gb-squid2 during the attempted connect.
17:49:29.550156 IP (tos 0x0, ttl 128, id 56768, offset 0, flags [DF], length: 48) csuk4.verity.com.1957 > gb-squid-vip.verity.com.webcache: S [tcp sum ok] 3888723856:3888723856(0) win 65535 <mss 1460,nop,nop,sackOK>
Any hints on how I could narrow down the problem?
Am I supposed to have a VIP alias on lo: on the 2nd realserver? Cause I
don't have one :-(
Thanks for your time.
James Masson
Example output
--------------
Ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  gb-squid-vip.verity.com:webc wlc persistent 300
  -> localhost:webcache           Local   1      0          3
  -> gb-squid2:webcache           Route   1      0          1
--------------
Config files:
-----------------
Ldirector.cf
logfile="local0"
virtual = 172.22.4.60:3128
real = gb-squid1:3128 gate
real = gb-squid2:3128 gate
scheduler = wlc
protocol = tcp
persistent = 300
------------------
Haresources
gb-squid1 172.22.4.60 ldirectord
------------------
Ha.cf
logfacility local0
keepalive 2
deadtime 30
warntime 10
initdead 120
ucast eth0 172.22.4.62
auto_failback on
node gb-squid1
node gb-squid2
--------------------
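
Added example, not part of the original post: a shell check for the two realserver-side conditions the post raises, the ARP sysctls and whether the VIP is configured on a local interface (such as lo), since in LVS-DR the director forwards packets with the VIP still as the destination address. The function names and the sample address listings (including 172.22.4.63) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Address listings are constructed
# samples in `ip -o -4 addr show` format; the VIP is the one from ldirectord.cf.
VIP=172.22.4.60
SAMPLE_NO_VIP='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 172.22.4.63/24 brd 172.22.4.255 scope global eth0'
SAMPLE_VIP_ON_LO='1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet 172.22.4.60/32 scope global lo
2: eth0    inet 172.22.4.63/24 brd 172.22.4.255 scope global eth0'

# vip_iface VIP ADDR_TEXT: print the interface that holds VIP, or nothing.
vip_iface() {
    printf '%s\n' "$2" | awk -v vip="$1" '
        $3 == "inet" { split($4, a, "/"); if (a[1] == vip) { print $2; exit } }'
}

# dr_check VIP ADDR_TEXT ARP_IGNORE ARP_ANNOUNCE
# Returns 0 only if VIP is configured locally (so packets forwarded by the
# director are accepted) and the ARP sysctls match the post's values (1, 2).
dr_check() {
    rc=0
    iface=$(vip_iface "$1" "$2")
    if [ -n "$iface" ]; then
        echo "OK   $1 is configured on $iface"
    else
        echo "FAIL $1 is on no local interface; forwarded packets are not accepted"
        rc=1
    fi
    if [ "$3" = 1 ]; then echo "OK   arp_ignore=1"
    else echo "FAIL arp_ignore=$3 (post uses 1)"; rc=1; fi
    if [ "$4" = 2 ]; then echo "OK   arp_announce=2"
    else echo "FAIL arp_announce=$4 (post uses 2)"; rc=1; fi
    return $rc
}

# On a live realserver, feed it the real values:
#   dr_check "$VIP" "$(ip -o -4 addr show)" \
#       "$(sysctl -n net.ipv4.conf.all.arp_ignore)" \
#       "$(sysctl -n net.ipv4.conf.all.arp_announce)"
```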