|
> -----Original Message-----
> From: lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx
> [mailto:lvs-users-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf
> Of Lloyd Brown
> Sent: Tuesday, July 29, 2014 12:58 AM
> To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Subject: [lvs-users] TCP Connection Sync Problems RHEL
>
> Hi, all.
>
> I'm currently testing a RHEL 6.5 based LVS Director setup for
> load balancing SSH connections. I've used Debian directors
> for a number of years, and they've worked great, but for some
> reason, the RHEL directors aren't acting the way I'm expecting.
>
> Basically I'm seeing two things:
> - The backup director doesn't seem to be getting the client
> connection info synchronized
> - The connection info (eg. the output of "ipvsadm -L -c")
> doesn't show the connection closing. Instead it stays in
> "ESTABLISHED" state until it times out.
>
> I'm not really sure how to troubleshoot the second issue. So
> for now, I'm focusing on the first, the one about the
> connection sync problem. I did capture the packets between
> the two directors, using tcpdump, and when I open the capture
> file in wireshark, I see "Connection Count: 0".
> When I do a similar capture on my working Debian directors,
> I see non-zero connection count, and the details of the
> specific connections, in the wireshark analysis.
>
> Any thoughts here? How do I go about finding the problem
> here? Should I be looking at kernel code? ipvsadm code?
>
> I'm using keepalived to manage this, so I'll include that
> .conf file here, as well as example capture files from my
> working Debian setup, and the non-working RHEL test setup.
> Note that the packet captures also include the VRRP sync
> packets, but they can be ignored.
>
> Both directors are basically stock RHEL 6.5, running kernel
> 2.6.32-431.17.1.el6.x86_64, keepalived-1.2.7, and ipvsadm-1.25.
>
> If anyone can point me in the right direction on how to
> diagnose this, I'd appreciate it.
>
> Thanks,
>
Hi Lloyd,
do you have disables SELinux for the RHEL hosts? By the way: also set the
firewall to accept all (later if all is working you should set up a firewall
of cause)
I wich way you communicate the keepalived between the two directors? Over
Ethernet or serial cable?
best regards
Frank
mfg
Frank Kirschner
==============================
Frank Kirschner
IT Services
Celebrate Records GmbH
Am Birkenwaeldchen 2
09366 Stollberg
Germany
mail: frank@xxxxxxxxxxxx
web: www.celebrate.de
fon: +49 37296 9201 60
fax: +49 37296 9201 75
CEO: Carsten Haupt
USt ID: DE 812 617 147
Registered at Country Court Chemnitz
HRB ID: 16308
------------------------------
PGP-Key is available at pgp.mit.edu
------------------------------
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
