[lvs-users] packet occasionally gets forwarded to the wrong server

To: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Subject: [lvs-users] packet occasionally gets forwarded to the wrong server
From: Derrick Lim <derrickltl@xxxxxxxxx>
Date: Wed, 8 Jul 2020 20:28:41 +0900
Hi all,

I've a number of IPVS directors using the source hashing scheduler
(sh, sh-fallback) and TUN method to load balance to a number of real
servers with the same weight. All the IPVS directors are configured
with the same settings and BGP is used to advertise the VIP address on
to the network. All IPVS directors run independently and do not sync

It is my understanding that sh is a consistent hashing algorithm that,
regardless of which IPVS director traffic from the same connection
(5-tuple) ends up on, the packet will be forwarded to the same real
server. Is this understanding correct? Should I be moving to maglev
instead? I'm on ubuntu 18.04, which is why I am using sh instead of

However, very occasionally, a small number of packets from the same
connection gets forwarded to a different real server when they end up
on a different IPVS director. This causes the real server to send a
RST since it has no idea about the connection. Why does this happen?

ipvsadm -L -n looks like this:

IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  a.b.c.d:443 sh (sh-fallback)
  -> x.y.z.1:443              Tunnel  10     0          0
  -> x.y.z.2:443              Tunnel  10     0          0
  -> x.y.z.3:443              Tunnel  10     0          0
  -> x.y.z.4:443              Tunnel  10     0          0

I believe this issue is similar to what Philip Moore asked about in
2019-11, which led me to discover that I needed to have the real
servers in the same sequence on each director. However, that didn't
solve my issue, which is why I am asking for help here.

Thanks in advance for any help.


Please read the documentation before posting - it's available at: mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to

<Prev in Thread] Current Thread [Next in Thread>
  • [lvs-users] packet occasionally gets forwarded to the wrong server, Derrick Lim <=