|
On Tue, 2012-09-04 at 15:08 -0600, Pete Ashdown wrote:
> The problem I'm getting is that the reply comes back from the wrong
> source with the real IP address of A, B, or C, with the "unexpected
> source" error.
This is not caused by IPVS. The solution is that your DNS server must
UDP bind/connect to the VIP, not the real-server IPs.
The problem is caused by how UDP works in the kernel, and how the socket
API was designed. The source IP of the UDP reply packet, is choosen by
the kernel, via a route table lookup (not based on the incomming
packet). This is know as multi-homed host problem.
Its consider a userspace implementation problem, see:
http://www.spinics.net/lists/netdev/msg207092.html
Userspace can use some other socket API calls to fix this. I have
implemented a reference implementation here (covers both IPv4 and IPv6):
http://www.spinics.net/lists/netdev/msg208236.html
https://github.com/netoptimizer/network-testing/blob/master/src/udp_echo.c
--
Best regards,
Jesper Dangaard Brouer
MSc.CS, Sr. Network Kernel Developer at Red Hat
Author of http://www.iptv-analyzer.org
LinkedIn: http://www.linkedin.com/in/brouer
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
