|
On Fri, 19 Jan 2007, Janusz Krzysztofik wrote:
Hi,
I am using LVS director with no VIP for load balancing ipsec servers accessed
by NATed clients (udp 500/4500, fwmark method). When I remove a relaserver
(ipvsadm -d ...), its clients are not notified after their connections
expire.
hmm, expire == timeout?
does the client get a new realserver? Why does the client
need to know that the old realserver is no longer there?
I suspect that icmp responses are simply not generated on the
director as they sholud be -
possibly. The icmp code was written before anyone thought of
VIP-less directors.
I can not see them with tcpdump nor trace them
with iptables rules. I could not find any piece of code in the IPVS sources
(linux 2.6.18) that would generate such error responses. Are these icmp
messages supposed to be generated by other means?
Well there used to be icmp error handling code there.
If so, could it be that a
director with no VIP is not able to respond?
Horms, Julian
any ideas?
Thanks Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
|
