[lvs-users] LDAP and LVS-DR problems
thomas at pedoussaut.com
Wed Aug 27 12:11:40 BST 2008
Bryan Aldridge wrote:
> on both the realservers shows upwards of a thousand connections! At
I got something similar a few months back. It was all due to iptables on
the director. Don't try to do statefull inspection (ie using --state
ESTABLISHED,RELATED) because the ack of closing packet from the server
won't be sent to the real server, or something similar.
It was happening on servers processes that don't time out connections
and where the disconnect can be initiated by the server.
Anyway, keep your firewall straight on the director and it should be fine.
Thomas, bitten once
More information about the lvs-users