LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] LVS Direct Routing Virtualized

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS Direct Routing Virtualized
From: Ferenc Wagner <wferi@xxxxxxx>
Date: Sat, 21 Sep 2013 16:09:20 +0200
Andrew Lau <andrew@xxxxxxxxxxxxxx> writes:

> On Sat, Sep 21, 2013 at 9:57 PM, Ferenc Wagner <wferi@xxxxxxx> wrote:
>
>> Andrew Lau <andrew@xxxxxxxxxxxxxx> writes:
>>
>>> I have my LVS DR routing setup on a KVM nodes, from a single node it
>>> works great.
>>>
>>> Client->VIP->router dnat->loadbalancer->real server->router
>>> snat->VIP->client
>>>
>>> However when I spread the load across multiple KVM nodes, the
>>> connections still hit the real server however nothing seems to be
>>> going out
>>>
>>> Client->VIP->router dnat->LVS (kvm node 1)->real server (kvm node 2)
>>>
>>> I can see the traffic hitting the real server through the access
>>> logs, and a tcpdump shows it's trying to send the response
>>> out. 10.0.3.152 being my virtual IP. But the client doesn't seem to
>>> get the traffic.
>>
>> The client certainly gets the traffic, these seem like normal TCP
>> session startups to me, with both ends actively involved.
>
> That's what it definitely looked like, the router packet scan even showed
> the packets flowing from the VM however the client is not getting the end
> result. Just timing out.

I wonder who does the three way handshake and the data excange then,
all with correct sequence numbers...  Make a packet trace on the client.

> Could it be because I'm running NAT between the router->loadbalancer?

10.0.3.152 is the DNAT target address for your real VIP, right?  So the
packets go:

               from       to             via
---------------------------------------------------
until DNAT:    client     VIP      external gateway
after DNAT:    client  10.0.3.152  internal gateway
after DR:      client  10.0.3.152      realserver
reply:      10.0.3.152   client    internal gateway
after SNAT:     VIP      client    external gateway

I don't see any problem with this in principle, especially not anything
depending on the number of real servers.
-- 
Regards,
Feri.

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>