Re: Apache: Simple load balancing

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	Re: Apache: Simple load balancing
From:	Horms <horms@xxxxxxxxxxxx>
Date:	Mon, 4 Jul 2005 10:54:45 +0900

On Fri, Jul 01, 2005 at 08:18:25PM +0200, krimo wrote:
> Purcocks, Graham a écrit :
> 
> >Whats the output from
> >
> >Ipvsadm?
> > 
> >
> Here is the output of ipvsadm command:
> 
> TCP  10.16.0.44:www rr
>  -> 10.16.0.41:www               Route   1      0          0       
> 
> It seems to be OK no? (I'm testing only with one real server at the moment)

There are a number of different things that have to take place for 
your load balanced connection to be successful. And LVS-DR is the most
tricky in regards to this.

1. You need to make sure that packets for the VIP arrive on the
   Linux director and are treated as packets that need local delivery.
   This typically means adding the VIP to an interface on the Linux
   director, and surpressing ARP advertisments for the VIP from other
   hosts (only needed for LVS-DR).

2. You need to make sure that once packets are forwarded by LVS,
   the real server can handle them. For LVS-DR, this usually
   means establishing the VIP on the lo interface of the real
   servers and surpressing arp advertisments of the VIP.

3. You need to make sure return packets make it back to the
   end-user. For LVS-NAT this means making sure the return path for
   packets goes through the Linux Director. For LVS-DR it means
   making sure that the don't.

Unfortunately you are stuck at 1. It doesn't matter that you haven't
handled ARP on the real servers because the VIP isn't there. And that
doesn't matter, because packets aren't being forwarded to the real
servers at all.

Assuming that you don't have some crazy iptables or policy routing foo
going on, if the VIP belongs to the Linux Director, and your LVS table
looks like the above, the packets should get intercepted by LVS and sent
to 10.16.0.41. You should see the active or in-active connection count
increment (one of the trailing two 0's above).  Your connection might
not succeede, but in this case your problem would lie in 2 or 3.

The one caveat to all of this is, that with LVS-DR, unless you do
something really special, neither the linux director can act as clients
of the VIP. In both cases connection will, go to the local process, if
there is one. I suspect that you are connecting to the cluster from the
linux director, try a host that is neither the linux director, nor a
real server. It can either be the same network (this wouldn't work for
LVS-NAT) as linux director or a different network that has access to the
VIP.

-- 
Horms

<Prev in Thread]	Current Thread	[Next in Thread>
Apache: Simple load balancing, krimo Re: Apache: Simple load balancing, Joseph Mack NA3T Re: Apache: Simple load balancing, krimo Re: Apache: Simple load balancing, Joseph Mack NA3T Re: Apache: Simple load balancing, krimo RE: Apache: Simple load balancing, Purcocks, Graham Re: Apache: Simple load balancing, krimo Re: Apache: Simple load balancing, Horms <= Re: Apache: Simple load balancing, krimo Re: Apache: Simple load balancing, Horms Re: Apache: Simple load balancing, krimo

Previous by Date:	winnt proxy in LVS setup-----------------, SUKHWINDER PAL
Next by Date:	Re: winnt proxy in LVS setup-----------------, Horms
Previous by Thread:	Re: Apache: Simple load balancing, krimo
Next by Thread:	Re: Apache: Simple load balancing, krimo
Indexes:	[Date] [Thread] [Top] [All Lists]