|
Hi Srini,
Have you disabled the source and destination checks on both the real
servers and the load balancers?
Aaron West
Loadbalancer.org
www.loadbalancer.org
+1 888 867 9504 / +44 (0)330 380 1064
aaron@xxxxxxxxxxxxxxxx
LEAVE A REVIEW | DEPLOYMENT GUIDES | BLOG
On 24 September 2017 at 01:20, Srinivas Boga <bseenu@xxxxxxxxx> wrote:
> my bad, the reset on real server is happening as the part of the tcp check
> and not from load balancer
>
> So the lvs director replies with rst,ack as a reply to syn packet
>
> -srini
>
> On Sat, Sep 23, 2017 at 9:46 AM, Srinivas Boga <bseenu@xxxxxxxxx> wrote:
>
>> In AWS, I am trying to get the keepalived/ipvs working and see that the
>> load balancer/director does not forward the requests to my real server
>>
>>
>> ubuntu@ip-172-31-6-2:~$ cat /etc/keepalived/keepalived.conf
>> global_defs {
>> notification_email {
>> test@xxxxxxxx
>> }
>> }
>>
>> virtual_server 13.57.18.235 1935 {
>> delay_loop 30
>> lb_algo rr
>> lb_kind DR
>> persistence_timeout 50
>> protocol TCP
>> real_server 172.31.12.15 1935 {
>> TCP_CHECK {
>> connect_port 1935
>> connect_timeout 3
>> }
>> }
>> }
>>
>> vrrp_instance v1 {
>> state MASTER
>> interface eth0
>> lvs_sync_daemon_interface eth0
>> virtual_router_id 51
>> priority 150
>> advert_int 1
>> virtual_ipaddress {
>> 13.57.18.235
>> }
>> }
>>
>> ubuntu@ip-172-31-6-2:~$ sudo ipvsadm -L -n
>> IP Virtual Server version 1.2.1 (size=4096)
>> Prot LocalAddress:Port Scheduler Flags
>> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
>> TCP 13.57.18.235:1935 rr persistent 50
>> -> 172.31.12.15:1935 Route 1 0 0
>>
>> loopback on real
>>
>> ubuntu@ip-172-31-12-15:~$ ifconfig lo:0
>> lo:0 Link encap:Local Loopback
>> inet addr:13.57.18.235 Mask:255.0.0.0
>> UP LOOPBACK RUNNING MTU:65536 Metric:1
>>
>> When i run tcpdump on both the loadbalancer and real see that tcp reset
>> happens on the loadbalancer after sync and reset happens after the
>> handshake on the real
>>
>> tcpdump on loadbalancer
>>
>> 03:50:35.405489 IP (tos 0x0, ttl 51, id 59005, offset 0, flags [DF],
>> proto TCP (6), length 64)
>> c-98-207-84-68.hsd1.ca.comcast.net.51279 >
>> ip-172-31-6-2.us-west-1.compute.internal.1935: Flags [S], cksum 0x4e32
>> (correct), seq 2162214371 <(216)%20221-4371>, win 65535, options [mss
>> 1460,nop,wscale 5,nop,nop,TS val 373641902 ecr 0,sackOK,eol], length 0
>> E..@.}@.3...b.TD.....O..............N2.............
>> .ER.........
>> 03:50:35.405531 IP (tos 0x0, ttl 64, id 46103, offset 0, flags [DF],
>> proto TCP (6), length 40)
>> ip-172-31-6-2.us-west-1.compute.internal.1935 >
>> c-98-207-84-68.hsd1.ca.comcast.net.51279: Flags [R.], cksum 0x2ff8
>> (correct), seq 0, ack 1, win 0, length 0
>> E..(..@.@.......b.TD...O........P.../...
>>
>> tcpdump on real
>>
>> ip-172-31-6-2.us-west-1.compute.internal.44230 >
>> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [S], cksum 0x9ef2
>> (correct), seq 2759878464, win 26883, options [mss 8961,sackOK,TS val
>> 2324983234 ecr 0,nop,wscale 7], length 0
>> E..<.v@.@.?...............g@......i.......#....
>> ..m.........
>> 03:51:52.362958 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
>> TCP (6), length 60)
>> ip-172-31-12-15.us-west-1.compute.internal.1935 >
>> ip-172-31-6-2.us-west-1.compute.internal.44230: Flags [S.], cksum 0x6a7e
>> (incorrect -> 0x7528), seq 527723804, ack 2759878465, win 26847, options
>> [mss 8961,sackOK,TS val 156996593 ecr 2324983234,nop,wscale 7], length 0
>> E..<..@.@..l.............tm...gA..h.j~....#....
>> [....m.....
>> ip-172-31-6-2.us-west-1.compute.internal.44230 >
>> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [.], cksum 0x294e
>> (correct), seq 1, ack 1, win 211, options [nop,nop,TS val 2324983234 ecr
>> 156996593], length 0
>> E..4.w@.@.?...............gA.tm.....)N.....
>> ..m. [..
>> 03:51:52.363391 IP (tos 0x0, ttl 64, id 36984, offset 0, flags [DF],
>> proto TCP (6), length 52)
>> ip-172-31-6-2.us-west-1.compute.internal.44230 >
>> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [R.], cksum 0x294a
>> (correct), seq 1, ack 1, win 211, options [nop,nop,TS val 2324983234 ecr
>> 156996593], length 0
>> E..4.x@.@.?...............gA.tm.....)J.....
>> ..m. [..
>>
>> Let me know if i am missing anything here
>>
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
