LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] LVS problem with unreachable - need to frag

To: Khapare Joshi <khapare77@xxxxxxxxx>
Subject: Re: [lvs-users] LVS problem with unreachable - need to frag
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Mon, 12 Mar 2012 11:54:19 +0200 (EET)
        Hello,

On Thu, 8 Mar 2012, Khapare Joshi wrote:

> Hello all,
> 
> I am running pulse on virtual machine for webserver, it seems working
> well, but there is one problem with networking I think. It seems there
> is a problem with lvs server is not fragmenting larger than 1500
> packets size. I did the quick tcpdump and I get following info.
> 
> my problem is when user is uploading files it takes for ever and never
> completes. I am thinking lvs (pulse) is not not fragmenting the larger
> packet size than 1500 hence it never goes to backend server.
> 
> 16:25:22.543563 00:1f:6d:cf:4e:49 > 52:54:00:b5:30:3c, ethertype IPv4
> (0x0800), length 2974: 10.128.1.5.60715 > 10.192.6.1.https: Flags [.],
> seq 7705:10625, ack 146, win 16388, length 2920
> 16:25:22.543590 52:54:00:b5:30:3c > 00:1f:6d:cf:4e:49, ethertype IPv4
> (0x0800), length 590: 10.192.6.1 > 10.128.1.5: ICMP 130.208.165.177
> unreachable - need to frag (mtu 1500), length 556

        Where is this tcpdump created? Please, provide the
following information:

- kernel version of LVS box

- kernel version of test client box if running Linux

- 'tcpdump -lnnnn -vvv -s0 host <client_ip>' running both
on client and on incoming LVS interface, 10 packets around
the first ICMP FRAG NEEDED message.

        Is it happening with any client (real and test client),
check if test client accepts the ICMP error (firewall?) and that
the client actually changes its length in following TCP packets
not to exceed the provided limit with the ICMP message.

> I tested following:
> 
> 1. IP forward is enabled.
> 2. lro,gro are off on eth0
> ethtool -k eth0
> Offload parameters for eth0:
> rx-checksumming: on
> tx-checksumming: on
> scatter-gather: on
> tcp-segmentation-offload: on
> udp-fragmentation-offload: on
> generic-segmentation-offload: on
> generic-receive-offload: off
> large-receive-offload: off
> 3. IPVS version is v1.2.1
> 4. Backend server has arptables and set to mangaled to right interface
> 5. Firewall is allowed on both lvs and backend server.
> 6. http and https are open for all.
> 
> Any help in this would be great.
> 
> K

Regards

--
Julian Anastasov <ja@xxxxxx>

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>