[lvs-users] IPVS/NAT - no connection after real server down

To:	"'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject:	[lvs-users] IPVS/NAT - no connection after real server down
From:	"Pitscheider, Oswald" <Oswald.Pitscheider@xxxxxxx>
Date:	Fri, 5 Sep 2008 12:09:41 +0200

Hello,

I have some trouble with a LVS on CentOS 5.1 with kernel 2.6.18-92.1.10.el5.

When both real servers are up, everything works fine, but when I shut down one 
of them, the LVS blocks for a few minutes.
After that time, the LVS seems to work well, but when I start the real server, 
every connection is routed to only one real server.

My configuration is:

Realserver_1:
IP: 10.150.54.10
OS: CentOS 5.1 kernel 2.6.18-92.1.10.el5
Gateway: 10.150.54.6
/etc/sysctl.conf:
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.conf.eth1.arp_ignore = 1
net.ipv4.conf.eth1.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

Realserver_2:
IP: 10.150.54.12
OS: CentOS 4.4 kernel 2.6.9-42.ELsmp
Gateway: 10.150.54.6
Same sysctl file

LVS:
IP eth1: 10.150.54.1
IP eth2: 10.150.50.184
OS: CentOS 5.1 kernel 2.6.18-92.1.10.el5

Keepalived.conf:
vrrp_instance VI_1 {
    state MASTER
    interface eth1
    virtual_router_id 154
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
         10.150.54.6
    }
}
vrrp_instance VI_2 {
    state MASTER
    interface eth2
    virtual_router_id 150
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.150.50.187 label eth2:0
    }
}
virtual_server 10.150.50.187 80 {
    delay_loop 20
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    protocol TCP
    real_server 10.150.54.10 80 {
        weight 1
        inhibit_on_failure
        TCP_CHECK {
           connect_timeout 3
           connect_port 80
        }
    }
    real_server 10.150.54.12 80 {
        weight 1
        inhibit_on_failure
        TCP_CHECK {
           connect_timeout 3
           connect_port 80
        }
    }
}

Sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 4294967295
kernel.shmall = 268435456
net.ipv4.vs.expire_quiescent_template = 1

Iptables:
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere



ipvsadm –ln after starting keepalived

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    1      0          0
  -> 10.150.54.10:80              Masq    1      0          0


…while incoming some requests

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    1      11         14100
  -> 10.150.54.10:80              Masq    1      1          14110


Ipvsadm –ln after shutting down 10.150.54.12 (httpd stop)

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    0      0          14067
  -> 10.150.54.10:80              Masq    1      0          14113

You see the second server has no active connections


After a few minutes:

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    0      0          6251
  -> 10.150.54.10:80              Masq    1      17         14867

After starting 10.150.54.12 (httpd start):

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    1      0          3
  -> 10.150.54.10:80              Masq    1      16         28204


After a few minutes:

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.150.50.187:80 rr
  -> 10.150.54.12:80              Masq    1      0          43
  -> 10.150.54.10:80              Masq    1      8          28179


After restarting keepalived, everything works fine.
When I set weight to 0 (with ipvsadm –e –t 10.150.50.187:80 –r 10.150.54.12:80 
–m –w 0) before the server goes down, I have no problems.
I think, the problem is in ipvs.


Has anyone an idea?

Thanks for help in advance, bye

Oswald
_______________________________________________
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread]	Current Thread	[Next in Thread>
[lvs-users] IPVS/NAT - no connection after real server down, Pitscheider, Oswald <= Re: [lvs-users] IPVS/NAT - no connection after real server down, Graeme Fowler Re: [lvs-users] IPVS/NAT - no connection after real server down, Pitscheider, Oswald Re: [lvs-users] IPVS/NAT - no connection after real server down, Graeme Fowler

Previous by Date:	Re: [lvs-users] Redhat init script problem with realservers, Graeme Fowler
Next by Date:	Re: [lvs-users] IPVS/NAT - no connection after real server down, Graeme Fowler
Previous by Thread:	[lvs-users] Redhat init script problem with realservers, David Dyer-Bennet
Next by Thread:	Re: [lvs-users] IPVS/NAT - no connection after real server down, Graeme Fowler
Indexes:	[Date] [Thread] [Top] [All Lists]