[lvs-users] Generic UPD "connect" check feature for ldirectord?

Christian Balzer chibi at gol.com
Wed Mar 18 04:01:34 GMT 2009


Hello,

I'm in exactly the same situation as the fellow here:
http://archive.linuxvirtualserver.org/html/lvs-users/2008-06/msg00042.html

Noting the lack of replies or a native rad-acct check option for
ldirectord I was wondering why not adding a UDP "connect" service check to
it? I know it's not as straightforward or reliable as TCP, but in most
environments it should give much more useful results than "none" or "ping".
Netcat seems to have no problem figuring out if something is listening on
an UDP port:
---
auth01:/etc/heartbeat# nc -v -u -z 10.0.0.2 1813
10.0.0.2: inverse host lookup failed: Unknown host
(UNKNOWN) [10.0.0.2] 1813 (radius-acct) open
auth01:/etc/heartbeat# nc -v -u -z 10.0.0.2 1814
10.0.0.2: inverse host lookup failed: Unknown host
(UNKNOWN) [10.0.0.2] 1814 (?) open
auth01:/etc/heartbeat# nc -v -u -z 10.0.0.2 1815
10.0.0.2: inverse host lookup failed: Unknown host
(UNKNOWN) [10.0.0.2] 1815 (?) : Connection refused
---

It would be really nice to see this in a future version so that any UDP
service can be somewhat monitored. 
While hacking this into the installed ldirectord seems easy enough the
likelihood of it being overwritten by a security update during the
lifetime of these servers is just too high.

So for the here and now, I guess the external "misc_check" of keepalived
might be better suited?

Regards,

Christian
-- 
Christian Balzer        Network/Systems Engineer                NOC
chibi at gol.com   	Global OnLine Japan/Fusion Network Services
http://www.gol.com/
https://secure3.gol.com/mod-pl/ols/index.cgi/?intr_id=F-2ECXvzcr6656




More information about the lvs-users mailing list