Traffic to a "dead" server

Casey Zacek cz at
Fri Oct 20 13:51:46 BST 2006

Joseph Mack NA3T wrote (at Thu, Oct 19, 2006 at 10:29:13AM -0700):
> On Thu, 19 Oct 2006, Casey Zacek wrote:
> >Correct me if I'm wrong, please, but I believe what should have
> >happened was that all traffic should be directed to the only remaining
> >active RS once the failed RS gets deleted.
> only new traffic. Read the HOWTO.

Ok, I read the HOWTO.  I must have missed the part you're referencing.
Maybe I'm being misunderstood.

On the director, I do this:

iptables -A PREROUTING -d -p tcp -m tcp -j MARK --set-mark 0xb
ipvsadm -A -f 11 -s wlc -p 1200
ipvsadm -a -f 11 -r -g -w 50
ipvsadm -a -f 11 -r -g -w 50

On both RSes, I run this:

tcpdump -n -i eth0 host port 80

On my workstation (, I do this:

telnet 80

And I see my connection on's tcpdump output.  So, I've
established persistence to  Now, on the director, I do

ipvsadm -d -f 11 -r

And again, I telnet.  Now, I show up on, as I would expect,
but apparently I'm in the minority on this list. (?)

I believe the above simulates a failure in keepalived since I do not
use the inhibit_on_failure option.  The output of 'ipvsadm -lnf 11' at
various stages backs my belief.  All is fine with the world at this

The problem I encountered was that at some point there was a
breakdown, and connections were showing up on the deleted Real Server
instead of the still-live Real Server.  I am not certain if any
traffic was making it to the still-live RS at all.  I know that any
attempt I made would terminate at the deleted RS.

As you all can imagine, this is a touchy issue with this customer now,
as my load-balancer solution failed him, so I cannot play around with
his solution in order to duplicate it.  I've never seen this behavior
in the 3-4(more?) years that I've been employing LVS.  I've seen
plenty of keepalived healtchecker freeze-ups, but never an apparent
bug in the IPVS kernel code.

Casey Zacek
Senior Engineer
NeoSpire, Inc.

More information about the lvs-users mailing list