|
----- Original Message -----
From: "Thomas Pedoussaut" <thomas@xxxxxxxxxxxxxx>
To: "LinuxVirtualServer.org users mailing list."
<lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Saturday, May 31, 2008 3:00 AM
Subject: Re: [lvs-users] Possibly beating a dead horse - IPVS-NAT - 1
Director, 2 Realservers
> Memblin wrote:
>> I can get any TCP application to work that I want
>> but what we're looking for is a way to load balance
>> traffic to our DNS resolvers / caching servers.
>>
>> I've seen all over the list where people have had problems
>> with DNS and other UDP based applications and LVS.
>>
>> The only problem I have is that all DNS queries that
>> come in always go to the same real server. I do get an
>> answer back at the client but it's not load balanced of course.
>>
> Just a few questions:
> - what's your LB method ? RR or WRR are the only one working for UDP (no
> sessions)
I've tried RR and WRR and mixing up the weights
> - Can you give us the ouptput of an ipvsadm -ln to check that you
> effectively have both weight > 0
> (and is 1 realserver located o the same host as the director ?)
bal01:/home/crow# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
UDP <Public VIP>:53 rr
-> 192.168.1.3:53 Masq 1 0 0
-> 192.168.1.2:53 Masq 1 0 0
The director and both realservers are seperte hardware
Director
eth1 - <Public VIP> -> Internet
eth0 - 192.168.1.1 -> Switch1
ns2
eth0 - 192.168.1.2 -> Switch1
ns3
eth0 - 192.168.1.3 -> Switch1
The director can ping both realservers
the realservers can both ping the director
and reach the world through the director.
> - Are you proceeding the tests from different clients from different
> networks ? There is server affinity in ipvs to "stick" client to
> servers. In the same vein, can you check that there is efectively NO
> traffic to the second resolver.
The clients I am testing with are a machine in a seperate VLAN from
the VIP so it goes through a router to get to <Public VIP> and another
one from out of state.
I both tcpdump and dnstop show the same thing when I fire up the
performance test or run manual 'dig @<Public VIP> <domain>'.
If I remove the realserver from the ipvs config that is currently getting
all the traffice (say num 1), the traffic does go to the other realserver
(say num 2). Then when I put number 1 back into the ipvs configuation
the traffice stays with number 2. If I do nslookups from a windows
box it looks like Windows actually asks for like 8 things per single
request and those get spread out between both servers normally.
> PS: I know some ISP use anycast for deploying farms of DNS resolvers
Some of our networking folks are rather ANYCAST resistant which is
why I was looking for a way to load balance this with a server of sorts. I
think I may go back and tell them they're going to have to do the ANYTCAST
for us.
|
