
Re: [lvs-users] LVS Direct Routing Virtualized

To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] LVS Direct Routing Virtualized
From: Andrew Lau <andrew@xxxxxxxxxxxxxx>
Date: Mon, 23 Sep 2013 12:09:43 +1000

On Sun, Sep 22, 2013 at 11:16 AM, Andrew Lau <andrew@xxxxxxxxxxxxxx> wrote:

> On Sun, Sep 22, 2013 at 12:09 AM, Ferenc Wagner <wferi@xxxxxxx> wrote:
>
>>  Andrew Lau <andrew@xxxxxxxxxxxxxx> writes:
>>
>> > On Sat, Sep 21, 2013 at 9:57 PM, Ferenc Wagner <wferi@xxxxxxx> wrote:
>> >
>> >> Andrew Lau <andrew@xxxxxxxxxxxxxx> writes:
>> >>
>> >>> I have my LVS DR routing setup on a KVM nodes, from a single node it
>> >>> works great.
>> >>>
>> >>> Client->VIP->router dnat->loadbalancer->real server->router
>> >>> snat->VIP->client
>> >>>
>> >>> However when I spread the load across multiple KVM nodes, the
>> >>> connections still hit the real server however nothing seems to be
>> >>> going out
>> >>>
>> >>> Client->VIP->router dnat->LVS (kvm node 1)->real server (kvm node 2)
>> >>>
>> >>> I can see the traffic hitting the real server through the access
>> >>> logs, and a tcpdump shows it's trying to send the response
>> >>> out. 10.0.3.152 being my virtual IP. But the client doesn't seem to
>> >>> get the traffic.
>> >>
>> >> The client certainly gets the traffic, these seem like normal TCP
>> >> session startups to me, with both ends actively involved.
>> >
>> > That's what it definitely looked like, the router packet scan even showed
>> > the packets flowing from the VM however the client is not getting the end
>> > result. Just timing out.
>>
>> I wonder who does the three way handshake and the data exchange then,
>> all with correct sequence numbers...  Make a packet trace on the client.
>>
>> > Could it be because I'm running NAT between the router->loadbalancer?
>>
>> 10.0.3.152 is the DNAT target address for your real VIP, right?  So the
>> packets go:
>>
>>                from       to             via
>> ---------------------------------------------------
>> until DNAT:    client     VIP      external gateway
>> after DNAT:    client  10.0.3.152  internal gateway
>> after DR:      client  10.0.3.152      realserver
>> reply:      10.0.3.152   client    internal gateway
>> after SNAT:     VIP      client    external gateway
>>
>> I don't see any problem with this in principle, especially not anything
>> depending on the number of real servers.
>>
>
> Yup, that's the scenario.
>
> My suspicions were correct though, when the LVS and realserver are on the
> same KVM node the transmissions go through without an issue. But on
> separate KVM nodes (same network) the real servers are receiving the
> request but the client isn't getting anything and the tcpdump looked like
> it was just the client sending re-transmissions to the real server, but the
> real server packets aren't making it to the client.
>
> If the client is within the same network though, it would seem to work so
> it's pointing towards possibly a router issue. But I'm really stuck at
> seeing why this is happening.
>
> Thanks.
>
>

I ended up skipping the NAT and assigning it a /32 address instead, and
that's solved my issue on routing and wasted address space. Thanks again
for your help.

Cheers

>> --
>> Regards,
>> Feri.
>>
>> _______________________________________________
>> Please read the documentation before posting - it's available at:
>> http://www.linuxvirtualserver.org/
>>
>> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
>> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
>> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
>>
>
>