[lvs-users] LVS Cluster with lighttpd servers doesn't react to SYN packets

Jan Kunzmann jan_abraham at gmx.net
Fri Jan 23 02:21:56 GMT 2009


Michael, Graeme,

thank you for your responses.

> > We're running both 2xdual core, and 2xquad core machines, on gentoo,
> > with lighttpd 1.4.20, with lvs-dr, on kernel 2.6.27.7, and glibc
> > 2.6.1. We do not have this delay.

Michael, are you sure? I mean, I see this delays/connection failures right
now because our servers are still in the test stage and not under heavy
load. As I wrote, after some failed connections the server works as
expected; only if there are no new connections for some minutes the server
goes back into "death mode". It looks like incoming connections keep the
thing alive. So are you really sure that you don't hit the same problem
immediatly after a reboot?

> > Here are relevant portions of our lighttpd config, perhaps they'll
> > help:
> <snip>

Thanks for those. These are, except for the keepalive, settings I've
already tried.

> It strikes me, as someone with zero experience of lighttpd, that Jan's
> problem is either one of config (so your post is doubly useful) *or*
> something in a netfilter rule is getting in the way.
> 
> Jan, do you have iptables setup and configured on the director(s) or
> realservers? Can you run without for a period?
> 
> If you *have*, are you using any of the conntrack modules? It strikes me
> very much that this could be a symptom of an underlying network stack
> problem rather than something within LVS or lighttpd.

Graeme, I've some netfilter rules, but I've already tried a kernel built
without the netfilter stuff (except for arptables). I couldn't imagine
it's netfilter because as I said, it works with Apache on the very same
systems without any problems.

I've added some debug code to lighty and activated the debug output of
eventpoll.c in the kernel. This revealed that the kernel's poll loop
doesn't receive anything from the underlying layers. 

Hence I think it's neither a lighttpd issue nor an LVS one, but a kernel
bug (triggered on SMP systems when non-blocking sockets are bound to an
IP which is not on the interface the packets are coming in).

Again, thanks for your advices,

Jan

-- 
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger




More information about the lvs-users mailing list