|
Hi,
I have a very light infrastructure, with 2 servers acting as directors
AND real servers.
I came across the packet storm problem where when the MASTER forwards a
connection to the real server on the BACKUP (via DR), the BACKUP treats
it as a VIP connection to be loadbalanced rather than a real server
connection to process. And decides to load balance it back to the MASTER
.....
I'm sure there is a way to do it, maybe with iptables. I'm looking for a
schema explaining how a packet coming on an interface traverses the
various layers (ipvs, netfilter, routing) so I could figure out how to
do it.
My chance is that I have 2 physical interfaces, one public and one
private, so if a packet arrives on the private interface for the VIP,
it's a DR from the MASTER, and if it comes on the public, it's
pre-loadbalance traffic.
Another option would be to be sure that the tables are in sync between
the 2 machines so the BACKUP know that the connection has to be directed
locally. I have tried to setup that feature, but it doesn't seems to
sync really.
PS: no arp issues (kernel 2.6 with net.ipv4.conf.all.arp_ignore = 1 and
net.ipv4.conf.all.arp_announce = 2)
PS2: the realserver on the MASTER works fine.
--
Thomas
|
