[lvs-users] Understanding granularity, timeouts and unexpected balance o

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] Understanding granularity, timeouts and unexpected balance of traffic on reals
From: Abhijeet Rastogi <abhijeet.1989@xxxxxxxxx>
Date: Thu, 15 Aug 2019 13:11:00 -0700
Hi everyone,

I'm investigating a typical configuration for an L4 TCP load balancer using
ipvs+keepalived. Settings:-

persistence_timeout: 120 seconds.  (# LVS persistence timeout, sec)
/sbin/ipvsadm --set 1800 120 300 (30 min timeout for TCP)
persistence_granularity: "48" for ipv6.
lb_algo: rr (round-robin)

My expectation is, all the IPs from the same /48 v6 subnet should always
reach the same real_server because of setting granularity. (at least the
connections created in last 120 seconds)

However, I can see that established connections from the same /48 v6 subnet
are spread across multiple reals, even for recently established

# Same /48 going to different reals, (very recent connections)
1. Grepping with only first 3 quibble to see how a /48 is being
2. " | grep ESTAB | grep 29: | head -n 100" to only see first 100
established connections created in last 60 seconds as my timeout is set to
30:00 (1800 seconds)
4. 6th column is the real IP.
I see that the same /48 is getting distributed across multiple different
reals. (should be same real because of persistence_granularity set to 48).
$ sudo ipvsadm -lnc | grep "xxxx:xxxx:xxxx" | grep ESTAB | grep 29: | head
-n 100 | awk '{print $6}' | sort | uniq -c
      2 [V6IP_REDACTED:9222]:443
      9 [V6IP_REDACTED:9223]:443
      7 [V6IP_REDACTED:9224]:443
     13 [V6IP_REDACTED:9225]:443
      1 [V6IP_REDACTED:9226]:443
      ............ output redacted

   - Why are recent connections going to different reals?
   - For recent connections, shouldn't they always end up on same real?
   - For older connections, I guess, persistence_timeout causes the traffic
   to balance to other reals via round robin.

Thanks in advance!
Abhijeet (
Please read the documentation before posting - it's available at: mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>