LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] IPv6 vs IPv4 fwmark services

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx, wferi@xxxxxxx
Subject: Re: [lvs-users] IPv6 vs IPv4 fwmark services
From: Sohgo Takeuchi <sohgo@xxxxxxxxxxxxxxxx>
Date: Tue, 15 Feb 2011 17:44:32 +0900 (JST)
From: Ferenc Wagner <wferi@xxxxxxx>
|
> Sohgo Takeuchi <sohgo@xxxxxxxxxxxxxxxx> writes:
> 
>> From: Ferenc Wagner <wferi@xxxxxxx>
>>
>>> I'm running ldirectord with
>>> http://hg.linux-ha.org/agents/rev/6e8b562f5414 applied for better IPv6
>>> support.  Basically, it works fine, thanks for implementing this.  But I
>>> wonder whether there's a fundamental reason for not allowing IPv4 and
>>> IPv6 virtual services with the same fwmark, like
>>> 
>>> virtual=1
>>>   [...]
>>> virtual6=1
>>>   [...]
>>> 
>>> which results in
>>> 
>>> Error [21297] reading file /etc/ldirectord.cf at line 15: duplicate virtual 
>>> server
>>> 
>>> if tried.  Is this only an overzealous sanity check in ldirectord, or
>>> are iptables and ip6tables fwmarks actually related somehow?
>>
>> Thanks for the report.
>>
>> When I enhanced the IPv6 support of ldirectord, I forgotten to
>> take care about this case. I also think that ldirectord should
>> support this case.
> 
> Great, and thanks for taking care of IPv6 support in ldirectord!
> So what do you think about my patch?  Not that I feel strongly about
> it, but I'd better stop using it if it's broken...

I've used your patch. It works good in my environment too.
Thanks for the patch!

I've found that another problem about an IPv6 fwmark of
ldirectord. The ldirectord does not handle an output of the
ipvsadm command when using an IPv6 fwmark.  I've made a
patch. If you are interested in the patch, please try.

Thank you.

-- sohgo
diff --git a/ldirectord/ldirectord.in b/ldirectord/ldirectord.in
--- a/ldirectord/ldirectord.in
+++ b/ldirectord/ldirectord.in
@@ -2403,14 +2403,14 @@
                if (not defined $line) {
                        last;
                }
-               if ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)\s+persistent\s+(\d+)\s+mask\s+(.*)/)
 {
-                       $real_service = "$2 ".lc($1);
+               if ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( 
IPv6)?\s+(\w+)\s+persistent\s+(\d+)\s+mask\s+(.*)/) {
+                       $real_service = &gen_real_service_str($2, $1, $3);
                        $oldsrv{"$real_service"} = {"real"=>{}, 
"scheduler"=>$3, "persistent"=>$4, "netmask"=>$5};
-               } elsif ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)\s+persistent\s+(\d+)/)
 {
-                       $real_service = "$2 ".lc($1);
+               } elsif ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( 
IPv6)?\s+(\w+)\s+persistent\s+(\d+)/) {
+                       $real_service = &gen_real_service_str($2, $1, $3);
                        $oldsrv{"$real_service"} = {"real"=>{}, 
"scheduler"=>$3, "persistent"=>$4};
-               } elsif ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)/) {
-                       $real_service = "$2 ".lc($1);
+               } elsif ($line =~ 
/^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( IPv6)?\s+(\w+)/) 
{
+                       $real_service = &gen_real_service_str($2, $1, $3);
                        $oldsrv{"$real_service"} = {"real"=>{}, 
"scheduler"=>$3};
                } elsif ($line =~ /^  
->\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+)\s+(\w+)\s+(\d+)/) {
                        if (not defined( $real_service)) {
@@ -2438,6 +2438,20 @@
        return(\%oldsrv);
 }
 
+sub gen_real_service_str
+{
+       my ($service_address, $protocol, $v6flag) = @_;
+
+       return "$service_address ".lc($protocol).(defined($v6flag) ? "6" : "");
+}
+
+sub get_real_service_str
+{
+       my ($v) = (@_);
+
+       return &get_virtual($v) . " "  . $v->{protocol} . ($v->{addressfamily} 
== AF_INET6 ? "6" : "");
+}
+
 sub ld_start
 {
        my $oldsrv;
@@ -2451,7 +2465,7 @@
 
        # make sure virtual servers are up to date
        foreach $nv (@VIRTUAL) {
-               my $real_service = &get_virtual($nv) . " "  . $nv->{protocol};
+               my $real_service = &get_real_service_str($nv);
 
                if (exists($oldsrv->{"$real_service"})) {
                        # service exists, modify it
@@ -2468,7 +2482,7 @@
        # make sure real servers are up to date
        foreach $nv (@VIRTUAL) {
                my $nreal = $nv->{real};
-               my $ov = $oldsrv->{&get_virtual($nv) . " " . $nv->{protocol}};
+               my $ov = $oldsrv->{&get_real_service_str($nv)};
                my $or = $ov->{real};
                my $fallback = fallback_find($nv);
 
@@ -2498,7 +2512,7 @@
                        delete($$or{$k});
                }
 
-               delete($oldsrv->{&get_virtual($nv) . " " . $nv->{protocol}});
+               delete($oldsrv->{&get_real_service_str($nv)});
                &fallback_on($nv);
        }
 
@@ -2511,8 +2525,7 @@
 
        # remove remaining entries for virtual servers
        foreach $nv (@OLDVIRTUAL) {
-               if (! defined($oldsrv->{&get_virtual($nv) . " " .
-                                       $nv->{protocol}})) {
+               if (! defined($oldsrv->{&get_real_service_str($nv)})) {
                        next;
                }
                purge_virtual($nv, "start");
@@ -3747,7 +3760,7 @@
        $virtual_str = &get_virtual($v);
 
        $oldsrv=&ld_read_ipvsadm();
-       $ov=$oldsrv->{$virtual_str . " " . $v->{"protocol"}};
+       $ov=$oldsrv->{&get_real_service_str($v)};
        if(!defined($ov)){
                return;
        }
@@ -3867,7 +3880,7 @@
        #if the server exists then restore its weight
        # otherwise add the server
        $oldsrv=&ld_read_ipvsadm();
-       $ov=$oldsrv->{&get_virtual($v) . " " . $v->{"protocol"}};
+       $ov=$oldsrv->{&get_real_service_str($v)};
        if(defined($ov)){
                $or=$ov->{"real"}->{$rservice};
        }
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
<Prev in Thread] Current Thread [Next in Thread>