LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] DNS LVS questions

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] DNS LVS questions
Cc: Pete Ashdown <pashdown@xxxxxxxxxxxx>
From: Jesper Dangaard Brouer <brouer@xxxxxxxxxx>
Date: Thu, 06 Sep 2012 13:11:23 +0200
On Tue, 2012-09-04 at 15:08 -0600, Pete Ashdown wrote:
> The problem I'm getting is that the reply comes back from the wrong
> source with the real IP address of A, B, or C, with the "unexpected
> source" error. 

This is not caused by IPVS.  The solution is that your DNS server must
UDP bind/connect to the VIP, not the real-server IPs.

The problem is caused by how UDP works in the kernel, and how the socket
API was designed.  The source IP of the UDP reply packet, is choosen by
the kernel, via a route table lookup (not based on the incomming
packet). This is know as multi-homed host problem.

Its consider a userspace implementation problem, see:
http://www.spinics.net/lists/netdev/msg207092.html

Userspace can use some other socket API calls to fix this.  I have
implemented a reference implementation here (covers both IPv4 and IPv6):
 http://www.spinics.net/lists/netdev/msg208236.html
 https://github.com/netoptimizer/network-testing/blob/master/src/udp_echo.c

-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Sr. Network Kernel Developer at Red Hat
  Author of http://www.iptv-analyzer.org
  LinkedIn: http://www.linkedin.com/in/brouer



_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>