|
Hi Graeme,
Actually this issue occurred within Keepalived with `per second` loop
delay_loop and 1 second TCP verification check, but since it uses IPVS
under the hood, I sent the question into this mail list.
What I found so far, is `secure_tcp` sysctl option:
http://www.linuxvirtualserver.org/docs/sysctl.html
I was hoping that it will help to reroute the SYN packet to the
different backend, but it doesn't happen.
Regards,
On Fri, Apr 13, 2018 at 1:34 PM, Graeme Fowler <graeme@xxxxxxxxxxx> wrote:
> On 13 Apr 2018, at 10:45, kay <kay.diam@xxxxxxxxx> wrote:
>> I have a special use case for the Direct Routing (DR) mode.
>> Is there a possibility to reroute SYN packets, when they can not be
>> delivered to the backend? It could be easily detected by several SYN
>> packets being sent.
>
> Repeating the earlier answer:
>
> You need an extra application to do this. There are several, but I’d suggest
> you look at keepalived as a first option.
>
> There was much discussion many years ago (20 or so) about putting
> realserver/backend monitoring into IPVS, but it was felt at the time that
> this wasn’t a kernel function and should be handled by a userspace
> application. That still applies today.
>
> Graeme
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
|
