LVS
lvs-users
Google
 
Web LinuxVirtualServer.org

Re: [lvs-users] DR : real server unable to reach VIP

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [lvs-users] DR : real server unable to reach VIP
From: Anders Henke <anders.henke@xxxxxxxx>
Date: Wed, 20 May 2015 13:32:03 +0200
On 20.05.2015, Florent B wrote:
> On 05/20/2015 12:21 PM, Michael Schwartzkopff wrote:
> > Am Mittwoch, 20. Mai 2015, 12:00:01 schrieb Florent B:
> >> Some precisions :
> >>
> >> In fact packets are computed by LVS, the problem is that RS receives a
> >> packets with :
> >> - its proper eth0 IP in src, but with mac address of LVS server
> >
> > "its": which IP in the source field? The source IP address should
> always be the
> > IP address of the client. The source address should never be the IP
> adress of
> > the real server.
> >
> > MAC address of the director: That is corret.
> 
> The source IP address is the IP address of the client, but the client
> here is my real server. It tries to connect to VIP.

Hi Florent,

You've hit a very special corner case.

When you're trying to access your VIP from a real server, your real server does 
discover the VIP to be a local IP address. As a consequence, the traffic isn't 
bpassed onto your local network, but routed via loopback and this traffic is 
not being loadbalanced at all, 100% of this traffic is delivered to the same 
real server.

If your client application doesn't specify a specific source IP address, the 
Linux kernel does select an IP address which is (in terms of routing) most 
close to the destination address. In this special cornercase, it is the very 
same IP address than the destination address.

You can verify this behaviour by running "ip route get VIP" on your realserver 
(replace "VIP" by the VIP address). As an example:

$ ip route get 172.17.24.42
local 172.17.24.42 dev lo  src 172.17.24.42 
    cache <local> 

This reads as following:
- 172.17.24.42 is locally configured on this host.
- the packet is being routed via the loopback device ("dev lo").
- source IP address will be 172.17.24.42


Best,

Anders
-- 
1&1 Internet AG              Expert Systems Architect (IT Operations)
Brauerstrasse 50             v://49.721.91374.0
D-76135 Karlsruhe            http://www.1und1.de/

Amtsgericht Montabaur HRB 6484
Vorstand: Frank Einhellinger, Robert Hoffmann, Markus Huhn,
Hans-Henning Kettler, Uwe Lamnek
Aufsichtsratsvorsitzender: Michael Scheeren

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

<Prev in Thread] Current Thread [Next in Thread>