Mailing List Archive

News contrib to LVS
Hi,

I have just published a little contribution to LVS after negotiation with my
employer. The solution described in the contrib homepage is used in a
production environment.

The project is named: Keepalived

The main goal of the keepalived project is to add a strong & robust
keepalive facility to the Linux Virtual Server project. This project is
similar to the MON project, but it is in C with multilayer TCP/IP stack
checks. Keepalived implements a framework based on three families of checks:
Layer3, Layer4 & Layer5. This framework gives the daemon the ability to
check the state of an LVS server pool. When one of the servers of the LVS
server pool is down, keepalived informs the Linux kernel via a setsockopt
call to remove this server entry from the LVS topology.

The project homepage is: http://keepalived.sourceforge.net

Hope it will help,

Happy Christmas and happy new year,

Alexandre Cassen
Re: News contrib to LVS
Hi Alexandre,

Alexandre Cassen wrote:
>
> Hi,
>
> I have just published a little contribution to LVS after negotiation with my
> employer. The solution described in the contrib homepage is used in a
> production environment.

I wish I could have such fruitful negotiations with my employer :)

> The project is named: Keepalived
>
> The main goal of the keepalived project is to add a strong & robust keepalive
> facility to the Linux Virtual Server project. This project is similar to the
> MON project, but it is in C with multilayer TCP/IP stack checks. Keepalived
> implements a framework based on three families of checks: Layer3, Layer4 &
> Layer5. This framework gives the daemon the ability to check the state of an
> LVS server pool. When one of the servers of the LVS server pool is down,
> keepalived informs the Linux kernel via a setsockopt call to remove this
> server entry from the LVS topology.

Looks interesting at the first glance. Some inputs though:

o Your signalhandling code looks somewhat fishy in keepalived.c.
What if a signal occurs during the execution of logmessage? Why
don't you use sigaction with that installs the signalhandler back
after exec? This is the code I mean:

    if (signal(SIGTERM,sig_handler) == SIG_IGN)
        signal(SIGTERM,SIG_IGN);

    signal(SIGINT,sig_handler);
    signal(SIGHUP,sig_handler);

    void sig_handler(int signum)
    {
        keep_going=0;
        ClearLst(lstVS);
        logmessage("Ending keepalived daemon\n",getpid());
        signal(signum,sig_handler);
    }

o You should be using memset(3) and not bzero(3).

o What happens if your tcpcheck can't connect? eg firewall,
tcpwrapper? IMHO your code will timeout for some long time.
How about implementing some kind of timer in tcpcheck.c?
Just think about if this tcpcheck blocks the further checks
until it has timed out? Maybe I've overseen something in your
code but I can't see how you handle this problem.

o I suggest you have a look at the http_get attached in this
mail. With it you could even perform simple base64 and ssl
authentication. So SSL healthchecks would be a part of your
daemon too.

> Hope it will help,

I hope that too and I hope I haven't insulted you with my
suggestions.

> Happy christmas and happy new year,

The same to you,
Roberto Nibali, ratz

BTW: I found some code I can give you to show you what I meant
with my comments:

-----------------------------------------------------------------
/*
  Module: portchecker.

  This module is used as a plugin for the healthcheck methods used in the
  terreActive load balancer monitoring tool. It can verify a service running
  behind a server's port listening.

  (c) 1999-2000 by terreActive AG, Roberto Nibali, ratz

*/

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

/* Empty on purpose: the handler only has to exist so that SIGALRM
   interrupts connect() instead of terminating the process. */
void catch_alarm(int sig){
    (void)sig;
}

int main(int argc, char **argv){
    int sockfd;
    struct sockaddr_in servaddr;
    struct sigaction new_action;
    int ec=0;

    /* sa_flags=0 means no SA_RESTART, so a blocked connect() returns
       with an error (EINTR) when the alarm fires. */
    new_action.sa_handler=catch_alarm;
    sigemptyset(&new_action.sa_mask);
    new_action.sa_flags=0;

    if (argc != 4) {
        fprintf(stderr, "Usage %s <IP> <PORT> <TIMEOUT>\n", argv[0]);
        exit(1);
    }
    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
        exit(1);
    }
    memset(&servaddr, 0, sizeof(servaddr));
    servaddr.sin_family = AF_INET;
    servaddr.sin_port = htons(strtoul(argv[2],NULL,10));
    if (inet_pton(AF_INET, argv[1], &servaddr.sin_addr) <= 0) {
        exit(1);
    }
    if (sigaction(SIGALRM, &new_action, NULL) == -1){
        exit(1);
    }
    /* Arm the timer: connect() is given at most <TIMEOUT> seconds. */
    alarm(strtoul(argv[3],NULL,10));
    if (connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)) < 0) {
        ec = 1;   /* refused, unreachable, or interrupted by the alarm */
    }
    close(sockfd);
    exit(ec);   /* 0 = port answered in time, 1 = check failed */
}
-----------------------------------------------------------------
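The signal-handling concern raised at the top of this message, sketched as an added example (not code from keepalived or from either poster): the handler is installed with sigaction() and only sets a flag, so list cleanup and logging run in the main loop instead of in signal context. The names on_stop_signal, install_stop_handlers and stop_was_requested are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <string.h>

/* The only state touched from signal context. */
static volatile sig_atomic_t stop_requested = 0;

/* The handler does one async-signal-safe store: no list cleanup, no logging,
 * and no re-arming with signal(). */
static void on_stop_signal(int signum)
{
    (void)signum;
    stop_requested = 1;
}

/* Install the handler with sigaction(): the disposition stays in place after
 * delivery, and SIGTERM/SIGINT/SIGHUP are blocked while the handler runs.
 * As in the quoted code, an inherited SIG_IGN for SIGTERM is left alone.
 * Returns 0 on success, -1 on failure. */
int install_stop_handlers(void)
{
    static const int sigs[] = { SIGTERM, SIGINT, SIGHUP };
    struct sigaction sa, old;
    size_t i;

    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_stop_signal;
    sigemptyset(&sa.sa_mask);
    for (i = 0; i < 3; i++)
        sigaddset(&sa.sa_mask, sigs[i]);

    for (i = 0; i < 3; i++) {
        if (sigs[i] == SIGTERM && sigaction(SIGTERM, NULL, &old) == 0 &&
            old.sa_handler == SIG_IGN)
            continue;
        if (sigaction(sigs[i], &sa, NULL) == -1)
            return -1;
    }
    return 0;
}

/* Polled by the main loop, which then frees its lists and writes the
 * shutdown log entry in normal (non-signal) context. */
int stop_was_requested(void)
{
    return stop_requested != 0;
}
```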
Re: News contrib to LVS
Hi ratz,

As you can see, my code needs to be cleaned :). I have just implemented this
from scratch for a quick installation.

>o Your signalhandling code looks somewhat fishy in keepalived.c.
>What if a signal occurs during the execution of logmessage? Why
>don't you use sigaction with that installs the signalhandler back
>after exec? This is the code I mean:
>
>if (signal(SIGTERM,sig_handler) == SIG_IGN)
> signal(SIGTERM,SIG_IGN);
>
>signal(SIGINT,sig_handler);
>signal(SIGHUP,sig_handler);
>
>void sig_handler(int signum)
>{
> keep_going=0;
> ClearLst(lstVS);
> logmessage("Ending keepalived daemon\n",getpid());
> signal(signum,sig_handler);
>}

You are right, this is one of the things that I must update. In fact I will
probably use a syslog call to log daemon messages.

>o What happens if your tcpcheck can't connect? eg firewall,
>tcpwrapper? IMHO your code will timeout for some long time.
>How about implementing some kind of timer in tcpcheck.c?
>Just think about if this tcpcheck blocks the further checks
>until it has timed out? Maybe I've overseen something in your
>code but I can't see how you handle this problem.

In fact, the tcpcheck performs a half-open connection check. Tcpcheck builds
a TCP SYN packet and sends it to the remote destination. Then a recvfrom
processes incoming packets. If the SYN ACK is not received then the check
returns false. I have tested this tcpcheck.c scanning windows, solaris,
linux, ... and it seems to work.
For me this tcpcheck function is quick and dirty for many reasons, like: I
only check the SYN ACK flag for the test, I do not consider the SEQ number,
nor IP/TCPPORT to be sure that this packet came from the right server
tested. So if you implement a quick progy that sends to the daemon tcp
packets flagged as SYN ACK, the tcpcheck will always consider that the
server is not corrupt (and it can be).

Tcpcheck is a mission critical function. I am working on the new version
that will consider all incoming TCP/IP packet fields to return the state of
the tcp destination port tested. The main changes must be:

1. Create a timer pool check: I send 3 SYN until a SYN ACK from the remote
destination is received, if not the check is false
2. To protect keepalived against abuse attacks, tcpcheck.c must consider the
tcp sequence (even ethernet MAC) => as you know you can abuse this strategy
but I think it must be done at once.

>o I suggest you have a look at the http_get attached in this
>mail. With it you could even perform simple base64 and ssl
>authentication. So SSL healthchecks would be a part of your
>daemon too.

Great ! :) I have planned to integrate openssl to perform this check, but
it will help me if I can start with an existing check.

>I hope that too and I hope I haven't insulted you with my
>suggestions.

Of course NOT ! I am working for learning. So if you have any other
suggestions or source codes, no problems for me !

regards,

Alexandre
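The stricter reply check planned in the message above, as an added example (not code from keepalived or from the poster): a received packet counts as the answer to a health-check SYN only if its source address, both ports and its acknowledgement number match the probe. struct probe, synack_matches_probe and sample_reply are hypothetical names, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical record of the SYN the checker sent (host byte order). */
struct probe {
    uint32_t server_ip;   /* address of the real server under test */
    uint16_t local_port;  /* source port of our SYN */
    uint16_t server_port; /* service port under test */
    uint32_t isn;         /* sequence number placed in our SYN */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Return 1 only if pkt (a raw IPv4 packet as read from a raw socket) is the
 * SYN-ACK that answers this probe; anything else, including a SYN-ACK from
 * another host or with the wrong acknowledgement number, returns 0. */
int synack_matches_probe(const uint8_t *pkt, size_t len, const struct probe *pr)
{
    size_t ihl;
    const uint8_t *tcp;

    if (len < 20 || (pkt[0] >> 4) != 4) return 0;          /* IPv4 only */
    ihl = (size_t)(pkt[0] & 0x0f) * 4;
    if (ihl < 20 || len < ihl + 20) return 0;              /* truncated */
    if (pkt[9] != 6 || (rd16(pkt + 6) & 0x1fff)) return 0; /* TCP, first fragment */
    if (rd32(pkt + 12) != pr->server_ip) return 0;         /* sent by the tested server */
    tcp = pkt + ihl;
    if (rd16(tcp) != pr->server_port) return 0;            /* from the tested port */
    if (rd16(tcp + 2) != pr->local_port) return 0;         /* to our probe port */
    if ((tcp[13] & 0x17) != 0x12) return 0;                /* SYN+ACK, no RST/FIN */
    return rd32(tcp + 8) == pr->isn + 1;                   /* acknowledges our ISN */
}

/* Constructed sample reply (40 bytes, no options) for exercising the check. */
size_t sample_reply(uint8_t *b, uint32_t src_ip, uint16_t sport,
                    uint16_t dport, uint8_t flags, uint32_t ack)
{
    int i;
    memset(b, 0, 40);
    b[0] = 0x45; b[9] = 6;                                 /* IPv4, IHL 5, TCP */
    for (i = 0; i < 4; i++) b[12 + i] = (uint8_t)(src_ip >> (24 - 8 * i));
    b[20] = (uint8_t)(sport >> 8); b[21] = (uint8_t)sport;
    b[22] = (uint8_t)(dport >> 8); b[23] = (uint8_t)dport;
    for (i = 0; i < 4; i++) b[28 + i] = (uint8_t)(ack >> (24 - 8 * i));
    b[32] = 0x50; b[33] = flags;                           /* data offset 5 */
    return 40;
}
```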
Re: News contrib to LVS
Good work. Thanks for the contribution, will add a link to your project
on LVS web site soon.

Happy New Year!

Wensong

On Sat, 23 Dec 2000, Alexandre Cassen wrote:

> Hi,
>
> I have just published a little contribution to LVS after negotiation with my
> employer. The solution described in the contrib homepage is used in a
> production environment.
>
> The project is named: Keepalived
>
> The main goal of the keepalived project is to add a strong & robust
> keepalive facility to the Linux Virtual Server project. This project is
> similar to the MON project, but it is in C with multilayer TCP/IP stack
> checks. Keepalived implements a framework based on three families of checks:
> Layer3, Layer4 & Layer5. This framework gives the daemon the ability to
> check the state of an LVS server pool. When one of the servers of the LVS
> server pool is down, keepalived informs the Linux kernel via a setsockopt
> call to remove this server entry from the LVS topology.
>
> The project homepage is: http://keepalived.sourceforge.net
>
> Hope it will help,
>
> Happy Christmas and happy new year,
>
> Alexandre Cassen