|
Hi
On Wed 14 Dec 2005 08:53:17 GMT , Leon Keijser <errtu@xxxxxxx> wrote:
This morning when i did a 'ipvsadm -ln' i saw something weird:
rpzlvs01 root # ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.50.10:3389 wlc persistent 43200
-> 192.168.50.12:3389 Route 1 912 0
-> 192.168.50.15:3389 Route 1 22 0
-> 192.168.50.13:3389 Route 1 22 0
-> 192.168.50.16:3389 Route 1 21 0
-> 192.168.50.11:3389 Route 1 20 1
-> 192.168.50.18:3389 Route 1 21 0
-> 192.168.50.17:3389 Route 1 624 0
TCP 192.168.50.120:1494 wlc persistent 43200
-> 192.168.50.121:1494 Route 1 2 0
-> 192.168.50.122:1494 Route 1 3 0
TCP 192.168.51.202:22 wlc
-> 127.0.0.1:22 Local 1 0 0
Wtf? 912 and 624 connections? When i check on the real-server everything
seems normal. Okay, load balancing isn't working too good (8 clients on one
server, 30 on another), but maybe this is because LVS is thinking it already
has 900+ connections, and shouldn't route anyone to there anymore.
The logfiles don't show anything abnormal either. Anyone who knows where to
look?
You're using persistence, which is probably a clue...
What does "ipvsadm -Lnc" tell you? That'll list the connections out so
you should be able to see which clients[0] are causing you the problem.
You can grep the output for "ESTABLISHED" and/or "NONE" to see the
active and persistent entries respectively.
[0] bear in mind that they may not be *your* clients. This could in
theory at least be caused by something rogue.
I'd guess you have a machine (or more than one) in your client base
which is broken in some way. Which way I'll leave to you to find, but
as these are RDP connections and the most likely clients are Windows
machines...
Graeme
|
