|
Hi list,
We use IPVS and Keepalived in a high availability configuration. See
below for the details:
- Debian Etch stable
- Keepalived 1.1.12-1, Debian apt version
- Linux kernel v 2.6.19.1, with patch for sync ipvs states and conntrack
states from Julian (http://www.ssi.bg/~ja/nfct/)
- 2x e1000, driver v7.6.9 stable, in bonding
- 2x Broadcom, 1 use for ipvs sync
We use this installation for the load balancing of web server, high
availability of gateway addresses and to filter incoming and outgoing
traffic.
We have an average of 100mb/s on outgoing with a peak above 200mb/s
during high activity. The minimum traffic is approximatively 60mb/s.
When the secondary firewall gets the traffic due to a failure of the
first one, the machine is in a frozen state for more or less than 10
seconds:
- traffic is dramatically decreasing
- console not responding
- web site behind keepalived are not responding
In the past, with a kernel 2.6.11.11 and an anterior version of
Keepalived (1.1.10 I think), this behavior not occured.
Comments and help are welcome.
Regards,
--
Guillaume Leccese
13, rue Greneta 75003 Paris
tel: 01 44 78 63 66 - fax: 01 44 78 63 65
http://www.oxalide.com
|
