LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

[lvs-users] lvs works behind a hareware firewall through public network

To: <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [lvs-users] lvs works behind a hareware firewall through public network
From: 孙楠松 <sunnansong@xxxxxxxxxxxxxxx>
Date: Thu, 24 Oct 2013 18:58:04 +0800
Hi there !

 

         I have an emergency problem now , and I join this mail list expect
some help , thanks all of you !

 

         The case scene:

         user ---->  public IP( supplied by a hardware firewall)  ----->
public IP(supplied by LVS : NAT,rr)  ---->  5 Real Servers(nginx、php-fpm)
----> Mysql

         maybe you can see the hidden trouble , lvs only can see only one
client(one prublic IP , the hardware firewall)

         

         The trouble is:

         Sometimes , the request is very unbalanced !

lvs puts a lots of requests to 1 real server. And this poor、unlucky real
server have to handle 3 times more then others!

I count this from the nginx access.log

         most of the times , lvs balances well!

         I try to use LeastConn instead of RoundRobin, but doest effect.

 

         (some one said the frewall and LVS should work in a LAN, why must I
use this architecture? Because some more cold backup firewalls are in
different IDC. to prevent DDOS and redundancy )

 

         Any ideas ? Thanks very mych !

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] lvs works behind a hareware firewall through public network, 孙楠松 <=