|
Hi
On Wed, 2006-04-19 at 09:58 -0600, Dan Brown wrote:
> I've been watching errant traffic via tcpdump trying to track some unrelated
> problems and have noticed there is a lot of broadcast traffic coming from
> the active director.
> The traffic all looks like this:
>
> 09:13:04.016297 IP 216.94.150.8.32848 > 224.0.0.81.8848: UDP, length 28
>
> According to some archive posts, this is how Apache session information is
> shared. I haven't dug deeper into the tcp traffic to figure out if this is
> true.
This is the LVS synchronisation daemon pushing state information from
the master to the backup director (and it is in fact multicast, not
broadcast, see http://www.iana.org/assignments/multicast-addresses).
You should have an ipvs_syncmaster process on your master, and an
ipvs_syncbackup process on the backup. This gives you the stateful
failover which is so desirable upon director failure.
It is possible to put this traffic onto a separate interface (like your
heartbeat network) to save it being sent out to all the machines on the
frontend network, but how that's configured depends on which application
you use you manage your LVS.
ipvsadm: --mcast-interface <interface>
keepalived: lvs_sync_daemon_interface option in the VRRP instance
section
ldirectord: seems not to have the option in the CVS version I'm looking
at (Id: ldirectord,v 1.136 2006/04/05 02:12:24 horms) but can be driven
alongside ipvsadm anyway quite happily, providing you don't stomp on the
functionality provided by ldirectord.
HTH
Graeme
|
