[lvs-users] lvs-tun MTU and fragmentation

Graeme Fowler graeme at graemef.net
Fri Aug 31 14:19:49 BST 2007 

On Fri, 2007-08-31 at 18:03 +0530, Sameer Garg wrote:
>    In my quest for setting up LVS-Tun we encountered another problem.
> MTU and fragmentation is a known problem. First some back ground
> information.
> 
> 1. We can't use LVS-DR because our machines are all over the place.
> (Thank the ISP)
> 2. The setup comprises of 2 machines. 1 director and 1 Real Server.
> 3. We are using RHEL 4.

What you have to remember is as follows:

1. The initial packet from the client to the realserver - the SYN packet
- sets the parameters for the connection.

2. With TUN, the realserver is responding directly to the client.

3. That means if the tun0 interface(s) have an MTU of (for example)
1400, then you need to make the *realserver's VIP interface* have an MTU
of 1400. How you do that varies with OS, but for a Linux server you'd do
the following on the realserver:

iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK
SYN,ACK -j TCPMSS --set-mss 1440

...which is in the HOWTO :)

That then means the realserver will respond to the initial ACK with the
MSS set for that connection; the client will see that MSS and *should*
then adjust its' following packet sizes.

You should leave the director and tun0 interfaces to do what they want,
as I recall.

Graeme

Search lvs-users Archives
Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
More information about the lvs-users mailing list