Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Linux Virtual Server>
  3. Users
[lvs-users] Keepalived + ipvsadm
mettichi at gmail
Apr 19, 2019, 2:37 AM
Post #1 of 2 (770 views)
Permalink
Hello,

iam using keepalived ( keepalived-1.3.5-8.el7_6.x86_64) + ipvsadm
( ipvsadm-1.27-7.el7.x86_64) installed on redhat 7, keepalived is used to
forward trafic to 2 freeradius servers. we are using round robin on
keepalived, we have two issues:

1- keepalived doen't send equal trafic to the 2 freeradious servers ( one
recieved more trafic than other despite weight is 1 for both servers)
2- when one of my freeradius servers is stopped keepalived remove it from
the pool and when this backend is started again i see that keepalived
detects that my backend is again up but it doesn't forward traffic to it,
it continues sending traffic only to the first server, i must restart
keepalived every time to solve this issue.

below the configuration:

global_defs
{
enable_script_security
script_user root root
}



vrrp_script chk_myscript {
script "/etc/keepalived/track.sh"
interval 5 # check every 2 seconds
fall 2 # require 2 failures for KO
rise 2 # require 2 successes for OK
}


vrrp_instance VI_LB1 {
state BACKUP
interface eth1
virtual_router_id 145
priority 150
unicast_src_ip 172.25.9.5
unicast_peer {
172.25.9.6
}
virtual_ipaddress {
172.25.9.8 dev eth1 # GGSN --> Radius
172.25.8.8 dev eth2 #
172.25.9.7 dev eth1 #
172.25.8.9 dev eth2 # GATEWAY
}


track_script {
chk_myscript
}


track_interface {
eth2 # Fault if down. eth2 is already monitored by VRRP.
}

nopreempt # to avoid automatic switch
notify "/etc/keepalived/notifyapache.sh"




}

virtual_server_group PORT1812 {
172.25.9.8 1812
172.25.8.8 1812
}

virtual_server_group PORT1813 {
172.25.9.8 1813
172.25.8.8 1813
}




virtual_server 172.25.9.7 80 {
delay_loop 10
lb_algo rr
lb_kind NAT
# nat_mask 255.255.255.240
#persistence_timeout 300
#persistence_granularity 255.255.255.255
protocol TCP

real_server 172.25.8.1 8000 {
weight 1
HTTP_GET {
url {
path /alteon.html

digest a7b8603f1c10e9229bea9e94c9645a53
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}


real_server 172.25.8.2 8000 {
weight 1
HTTP_GET {
url {
path /alteon.html

digest a7b8603f1c10e9229bea9e94c9645a53
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}



virtual_server group PORT1812 {
delay_loop 10
lb_algo rr
lb_kind NAT
#persistence_timeout 100 # de-activate for Active/Active
protocol UDP

real_server 172.25.8.3 1812 {
weight 1
MISC_CHECK {
misc_path "/etc/keepalived/bespoke_healthcheck.sh
healthcheck1_srv1"
misc_timeout 5
}
}
real_server 172.25.8.4 1812 {
weight 1
MISC_CHECK {
misc_path "/etc/keepalived/bespoke_healthcheck.sh
healthcheck1_srv2"
misc_timeout 5
}
}
}

virtual_server group PORT1813 {
delay_loop 10
lb_algo rr
lb_kind NAT
#persistence_timeout 100 # de-activate for Active/Active
protocol UDP

real_server 172.25.8.3 1813 {
weight 1
MISC_CHECK {
misc_path "/etc/keepalived/bespoke_healthcheck.sh
healthcheck1_srv1"
misc_timeout 5
}
}
real_server 172.25.8.4 1813 {
weight 1
MISC_CHECK {
misc_path "/etc/keepalived/bespoke_healthcheck.sh
healthcheck1_srv2"
misc_timeout 5
}
}
}



sysctl.conf keeplaived

net.ipv4.ip_forward = 1
net.ipv4.vs.expire_nodest_conn = 1
net.ipv4.vs.expire_quiescent_template = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 0


sysctl.conf of freeradius server:

nothing configured here

thanks in advance
Bassem
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
Re: [lvs-users] Keepalived + ipvsadm [ In reply to ]
mettichi at gmail
May 31, 2019, 1:44 AM
Post #2 of 2 (752 views)
Permalink
attached is my keepalived.conf file

Le ven. 31 mai 2019 à 09:39, Bassem Mettichi <mettichi@gmail.com> a écrit :

> Hello,
>
> i hope you are all so fine, i need your help concerning keepalived +
> ipvsadm
>
> I have installed keepalived version keepalived-2.0.7-1.el7.x86_64 +
> ipvsadm version ipvsadm-1.27-7.el7.x86_64 on Redhat 7.1, i have 4 backends:
> 2 backends web servers apache httpd and 2 backends freeradius.
> my customers sends accounting requests and http requests, i have 2 VIPs:
> one for http requests on port 80 and other VIP for accounting traffic on
> port 1813.
>
> keepalived is working good for a period of time ( 3 days, 4 days, 5 days,
> ..) but sometimes all http requests coming from my customers don't reach
> backends, these requests are blocked on keepalived server. The problem is
> that when i restart keepalived every thing works again i can see http
> requests reach the backends, this happen only with http requests however
> udp requests for my radius servers never stopped, this traffic is always
> working and can reach the backends, i don't really understand the issue,
> also i have seen that keepalived doen't send the same traffic to backends
> mean 50 50 sometimes when one backend stops and came again up keepalived
> doen't send trafic to this backend only if we restart it.
>
> Attached is my keepalived.conf file, i hope someone can give a hand on
> this problem.
>
> Best Regards
> Bassem
>

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal