> On Wed, 2007-12-19 at 14:58 +0100, Martijn Grendelman wrote:
>> I am a long-time user of LVS, but now I've got a problem that I can't
>> seem to solve. Searching the HOWTO and the web hasn't given me anything
>> useful, so I turn to the experts now ;-)
> [blush] Oh, what, not me? Right ;-)
Well, yes! Your assessment was correct!
> Anyway: you likely have a pair of "battling" directors. Consider this
> (about which I have written before but am damned if I can find it):
> Client sends SYN to director1. Director1 sends it on to director2, being
> the other realserver - so far this is your scenario.
> Director2's LVS catches the packet and sends it back to director1 for
> service, but director1 already sent that connection to director2, so
> sends the packet back.
> With me so far? Good.
> What happens now is that second paragraph happens ad nauseum, until your
> ethernet between the machines is full up of the same SYN packet,
> performance degrades, and the directors fall over under the load
> I'll have an archive search shortly and post the workaround!
Indeed, the other realserver, being the backup director, had its LVS
rules loaded. After clearing the LVS table on this machine, everything
worked like ever before.
In the past, the machines only had LVS active if they were actually the
active director, but at some point in time, I figured I could just leave
it active, because the stand-by director didn't get any requests anyway.
But of course, in this DR fashion, that is not true.
Thanks A LOT, you saved my day. And thanks to Josheph too, for trying to