[lvs-users] IPv6 vs IPv4 fwmark services

Simon Horman horms at verge.net.au
Tue Feb 15 22:42:29 GMT 2011


On Tue, Feb 15, 2011 at 05:44:32PM +0900, Sohgo Takeuchi wrote:
> 
> From: Ferenc Wagner <wferi at niif.hu>
> |
> > Sohgo Takeuchi <sohgo at sohgo.dyndns.org> writes:
> > 
> >> From: Ferenc Wagner <wferi at niif.hu>
> >>
> >>> I'm running ldirectord with
> >>> http://hg.linux-ha.org/agents/rev/6e8b562f5414 applied for better IPv6
> >>> support.  Basically, it works fine, thanks for implementing this.  But I
> >>> wonder whether there's a fundamental reason for not allowing IPv4 and
> >>> IPv6 virtual services with the same fwmark, like
> >>> 
> >>> virtual=1
> >>>   [...]
> >>> virtual6=1
> >>>   [...]
> >>> 
> >>> which results in
> >>> 
> >>> Error [21297] reading file /etc/ldirectord.cf at line 15: duplicate virtual server
> >>> 
> >>> if tried.  Is this only an overzealous sanity check in ldirectord, or
> >>> are iptables and ip6tables fwmarks actually related somehow?
> >>
> >> Thanks for the report.
> >>
> >> When I enhanced the IPv6 support of ldirectord, I forgotten to
> >> take care about this case. I also think that ldirectord should
> >> support this case.
> > 
> > Great, and thanks for taking care of IPv6 support in ldirectord!
> > So what do you think about my patch?  Not that I feel strongly about
> > it, but I'd better stop using it if it's broken...
> 
> I've used your patch. It works good in my environment too.
> Thanks for the patch!

Thanks guys,

Ferenc are you happy to have this patch included in ldirectord
which is GPLv2 licensed code?

> I've found that another problem about an IPv6 fwmark of
> ldirectord. The ldirectord does not handle an output of the
> ipvsadm command when using an IPv6 fwmark.  I've made a
> patch. If you are interested in the patch, please try.

Takeuchi-san, let me know if you want this merged too.

> diff --git a/ldirectord/ldirectord.in b/ldirectord/ldirectord.in
> --- a/ldirectord/ldirectord.in
> +++ b/ldirectord/ldirectord.in
> @@ -2403,14 +2403,14 @@
>  		if (not defined $line) {
>  			last;
>  		}
> -		if ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)\s+persistent\s+(\d+)\s+mask\s+(.*)/) {
> -			$real_service = "$2 ".lc($1);
> +		if ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( IPv6)?\s+(\w+)\s+persistent\s+(\d+)\s+mask\s+(.*)/) {
> +			$real_service = &gen_real_service_str($2, $1, $3);
>  			$oldsrv{"$real_service"} = {"real"=>{}, "scheduler"=>$3, "persistent"=>$4, "netmask"=>$5};
> -		} elsif ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)\s+persistent\s+(\d+)/) {
> -			$real_service = "$2 ".lc($1);
> +		} elsif ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( IPv6)?\s+(\w+)\s+persistent\s+(\d+)/) {
> +			$real_service = &gen_real_service_str($2, $1, $3);
>  			$oldsrv{"$real_service"} = {"real"=>{}, "scheduler"=>$3, "persistent"=>$4};
> -		} elsif ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)\s+(\w+)/) {
> -			$real_service = "$2 ".lc($1);
> +		} elsif ($line =~ /^(\w+)\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+|\d+)( IPv6)?\s+(\w+)/) {
> +			$real_service = &gen_real_service_str($2, $1, $3);
>  			$oldsrv{"$real_service"} = {"real"=>{}, "scheduler"=>$3};
>  		} elsif ($line =~ /^  ->\s+(\d+\.\d+\.\d+\.\d+\:\d+|\[[0-9A-Fa-f:]+\]:\d+)\s+(\w+)\s+(\d+)/) {
>  			if (not defined( $real_service)) {
> @@ -2438,6 +2438,20 @@
>  	return(\%oldsrv);
>  }
>  
> +sub gen_real_service_str
> +{
> +	my ($service_address, $protocol, $v6flag) = @_;
> +
> +	return "$service_address ".lc($protocol).(defined($v6flag) ? "6" : "");
> +}
> +
> +sub get_real_service_str
> +{
> +	my ($v) = (@_);
> +
> +	return &get_virtual($v) . " "  . $v->{protocol} . ($v->{addressfamily} == AF_INET6 ? "6" : "");
> +}
> +
>  sub ld_start
>  {
>  	my $oldsrv;
> @@ -2451,7 +2465,7 @@
>  
>  	# make sure virtual servers are up to date
>  	foreach $nv (@VIRTUAL) {
> -		my $real_service = &get_virtual($nv) . " "  . $nv->{protocol};
> +		my $real_service = &get_real_service_str($nv);
>  
>  		if (exists($oldsrv->{"$real_service"})) {
>  			# service exists, modify it
> @@ -2468,7 +2482,7 @@
>  	# make sure real servers are up to date
>  	foreach $nv (@VIRTUAL) {
>  		my $nreal = $nv->{real};
> -		my $ov = $oldsrv->{&get_virtual($nv) . " " . $nv->{protocol}};
> +		my $ov = $oldsrv->{&get_real_service_str($nv)};
>  		my $or = $ov->{real};
>  		my $fallback = fallback_find($nv);
>  
> @@ -2498,7 +2512,7 @@
>  			delete($$or{$k});
>  		}
>  
> -		delete($oldsrv->{&get_virtual($nv) . " " . $nv->{protocol}});
> +		delete($oldsrv->{&get_real_service_str($nv)});
>  		&fallback_on($nv);
>  	}
>  
> @@ -2511,8 +2525,7 @@
>  
>  	# remove remaining entries for virtual servers
>  	foreach $nv (@OLDVIRTUAL) {
> -		if (! defined($oldsrv->{&get_virtual($nv) . " " .
> -					$nv->{protocol}})) {
> +		if (! defined($oldsrv->{&get_real_service_str($nv)})) {
>  			next;
>  		}
>  		purge_virtual($nv, "start");
> @@ -3747,7 +3760,7 @@
>  	$virtual_str = &get_virtual($v);
>  
>  	$oldsrv=&ld_read_ipvsadm();
> -	$ov=$oldsrv->{$virtual_str . " " . $v->{"protocol"}};
> +	$ov=$oldsrv->{&get_real_service_str($v)};
>  	if(!defined($ov)){
>  		return;
>  	}
> @@ -3867,7 +3880,7 @@
>  	#if the server exists then restore its weight
>  	# otherwise add the server
>  	$oldsrv=&ld_read_ipvsadm();
> -	$ov=$oldsrv->{&get_virtual($v) . " " . $v->{"protocol"}};
> +	$ov=$oldsrv->{&get_real_service_str($v)};
>  	if(defined($ov)){
>  		$or=$ov->{"real"}->{$rservice};
>  	}

> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> 
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users





More information about the lvs-users mailing list