[lvs-users] Synchronization problem

Bachman Kharazmi bahkha at gmail.com
Fri Jan 9 10:42:36 GMT 2009


There are no such rules by default on a etch installation where the
firewall drop any packets.
lb1:~# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

And a more complete output from tcpdump looks like:

lb1:~# tcpdump -v multicast -i eth4
tcpdump: listening on eth4, link-type EN10MB (Ethernet), capture size 96 bytes
10:49:28.688219 IP (tos 0x0, ttl 255, id 63122, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:28.861308 802.1d unknown version
10:49:29.124654 IP (tos 0x0, ttl 255, id 16275, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:29.427029 arp who-has 192.168.10.25 tell 192.168.10.117
10:49:29.436897 arp who-has 192.168.10.104 tell 192.168.10.117
10:49:29.537842 00:1b:3f:9b:7b:80 (oui Unknown) > 01:80:c2:00:00:0e
(oui Unknown), ethertype Unknown (0x88cc), length 109:
        0x0000:  0207 0400 1b3f 9b7b 8004 0307 3136 0602  .....?.{....16..
        0x0010:  0078 0808 506f 7274 2023 3136 0a0f 5052  .x..Port.#16..PR
        0x0020:  4f43 5552 5645 204a 3930 3238 420c 1a50  OCURVE.J9028B..P
        0x0030:  524f 4355 5256 4520 4a39 3032 3842 202d  ROCURVE.J9028B.-
        0x0040:  2050 422e 3032 2e30 370e 0400 0400 0410  .PB.02.07.......
        0x0050:  0c05                                     ..
10:49:29.692135 IP (tos 0x0, ttl 255, id 63378, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:30.128667 IP (tos 0x0, ttl 255, id 16531, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:30.436831 arp who-has 192.168.10.104 tell 192.168.10.117
10:49:30.696136 IP (tos 0x0, ttl 255, id 63634, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:30.861364 802.1d unknown version
10:49:31.132680 IP (tos 0x0, ttl 255, id 16787, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:31.436857 arp who-has 192.168.10.104 tell 192.168.10.117
10:49:31.700155 IP (tos 0x0, ttl 255, id 63890, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:32.136692 IP (tos 0x0, ttl 255, id 17043, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:32.704178 IP (tos 0x0, ttl 255, id 64146, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:32.861414 802.1d unknown version
10:49:33.140704 IP (tos 0x0, ttl 255, id 17299, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:33.476954 arp who-has 192.168.10.25 tell 192.168.10.117
10:49:33.708187 IP (tos 0x0, ttl 255, id 64402, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:34.144718 IP (tos 0x0, ttl 255, id 17555, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:34.476990 arp who-has 192.168.10.25 tell 192.168.10.117
10:49:34.712211 IP (tos 0x0, ttl 255, id 64658, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:34.861429 802.1d unknown version
10:49:35.148730 IP (tos 0x0, ttl 255, id 17811, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:35.477024 arp who-has 192.168.10.25 tell 192.168.10.117
10:49:35.487052 arp who-has 192.168.10.104 tell 192.168.10.117
10:49:35.716336 IP (tos 0x0, ttl 255, id 64914, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.242 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 242, prio 100, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
10:49:36.152743 IP (tos 0x0, ttl 255, id 18067, offset 0, flags
[none], proto: VRRP (112), length: 40) 192.168.10.241 >
VRRP.MCAST.NET: VRRPv2, Advertisement, vrid 241, prio 200, authtype
simple, intvl 1s, length 20, addrs: 192.168.10.240 auth "Password"
29 packets captured
29 packets received by filter
0 packets dropped by kernel

/B

2009/1/9 Graeme Fowler <graeme at graemef.net>:
> On Fri, 2009-01-09 at 00:25 +0100, Bachman Kharazmi wrote:
>> There are synchronization problems.
>
> Check that your default iptables rules are permitting inbound traffic
> destined to 224.0.0.18. It's very likely that they are not.
>
> Graeme
>
>




More information about the lvs-users mailing list