Hello,
I'm running LVS using NAT. The director is connected to the internet (MTU 1500) and the real servers are connected to the director by a GbE local network (MTU 9000); they use the director as a gateway.
On the director:
- /sbin/iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
- /proc/sys/net/ipv4/ip_no_pmtu_disc = 0
- /proc/sys/net/ipv4/conf/eth0/send_redirects = 1
There are no errors in logs.
On the real servers:
- /sbin/iptables -t nat -A OUTPUT -p tcp -d $VIP --dport 80 -j DNAT --to ${RIP}:80
- /proc/sys/net/ipv4/ip_no_pmtu_disc = 0
- /proc/sys/net/ipv4/conf/eth0/send_redirects = 1
This configuration works very well with most clients but not with all.
With a Tunisian DSL ISP, clients can't browse the websites if the GbE local network has a 1500 MTU instead of 9000.
With a French ISP (Wanadoo, Livebox Sagem working with VxWorks), POST doesn't work at all if the request is too long.
I've tried the following solution found in the how-to (executed on each real server with gateway as the VIRTUAL-IP):
iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440
It doesn't change anything.
URL for the tests is http://web.planet-work.com/post.php
Regards,
Frédéric.
--
Frédéric VANNIERE
Directeur Technique
PLANET-WORK
231 rue Saint-Honoré
75001 PARIS - FRANCE
Tél : 0891 024 424
Fax : 0143 461 199
Web : http://www.planet-work.com