[lvs-users] LDAP and LVS-DR problems

ago at mondobit.com ago at mondobit.com
Wed Aug 27 12:30:13 BST 2008

  what happens if you leave in production only one realserver (still using LVS)?

if you analize LVS connection table and netstat outpuut on the real server the connection, the connection count is eqauly distribute among client or ther are clients with more connection than other?


> Da: "Bryan Aldridge" <bealdrid at gmail.com>
> Data: Tue, 26 Aug 2008 14:51:02 -0400
> A: lvs-users at linuxvirtualserver.org
> Oggetto: [lvs-users] LDAP and LVS-DR problems
> Hi,
> I'm having a bit of an issue implementing LDAP into my existing LVS-DR
> setup.  Basically we have here around 30-40 linux clients that
> authenticate via LDAP.  Originally I was running a single LDAP server
> with no failover, then as we got more dependent on LDAP, I figured it
> would be a good idea to load balance LDAP, and at the same time have
> failover.  I found some cases of others using LDAP with LVS-DR with
> good results on the list here, and initially I was having good results
> as well.   Then one day I learned that the connections being made to
> LDAP through LVS were never expiring or timing out.  With the LVS+LDAP
> configuration i saw ipvsadm output like this:
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
>   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
> TCP  ldap-lvs:ldap rr
>   -> ldap1:ldap  Route   1     289       0
>   -> ldap2:ldap  Route   1     287       0
> All connections were "Active Connections" unlike the example in the
> post I saw in the archives.  Also, running a
>  netstat -ao | grep -c "ldap"
> on both the realservers shows upwards of a thousand connections!  At
> this point, the real servers begin dropping all further incoming LDAP
> connections until that number comes down.  (I simply get a
> ldap_result: Can't contact LDAP server (-1))
> When using LDAP outside of LVS, i never have this issue, as the number
> of connections in netstat is consistently around 30 (same as the
> number of clients I have)
> Is there a way I can get the connections to be "InActConn" instead of
> "ActiveConn"?
> Thanks!
> -Bryan
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users> 

More information about the lvs-users mailing list