Hi guys -
I'm having an issue with a 2-node setup (similar setup to what's described here) where established sessions to a particular real server don't fail over when that real server fails. That is, if a connection exists in the LVS connection state table and that real server goes down, the connections to that real server persist, rather than being cleared from the table as I would expect.
My test in a little more detail:
1) Start my service on realserver1 ONLY and open a connection (thus forcing a connection to realserver1)
2) Stop the service on realserver1 and start it on realserver2, verifying "ipvsadm -Ln" shows realserver1 down and realserver2 up
3) Establish a "new" connection to the VIP, forcing the same source port & IP with nc
4) The connection fails, trying to connect to realserver1 (verified by tcpdump)
It appears that this is because the state table still contains an entry for "SRCIP:SRCPORT VIP:DSTPORT realserver1:DSTPORT". I am new to LVS, but I assume this is not the expected behavior, because it seems it would be a fairly typical scenario if both load balancers were, for example, behind a PAT firewall.
Can anyone shed some light on this, and how I might possibly fix it? I am new to LVS so any help is appreciated!
Cheers -
elliott barrere | 206.351.3520
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
I'm having an issue with a 2-node setup (similar setup to what's described here) where established sessions to a particular real server don't fail over when that real server fails. That is, if a connection exists in the LVS connection state table and that real server goes down, the connections to that real server persist, rather than being cleared from the table as I would expect.
My test in a little more detail:
1) Start my service on realserver1 ONLY and open a connection (thus forcing a connection to realserver1)
2) Stop the service on realserver1 and start it on realserver2, verifying "ipvsadm -Ln" shows realserver1 down and realserver2 up
3) Establish a "new" connection to the VIP, forcing the same source port & IP with nc
4) The connection fails, trying to connect to realserver1 (verified by tcpdump)
It appears that this is because the state table still contains an entry for "SRCIP:SRCPORT VIP:DSTPORT realserver1:DSTPORT". I am new to LVS, but I assume this is not the expected behavior, because it seems it would be a fairly typical scenario if both load balancers were, for example, behind a PAT firewall.
Can anyone shed some light on this, and how I might possibly fix it? I am new to LVS so any help is appreciated!
Cheers -
elliott barrere | 206.351.3520
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users