[lvs-users] Handling Duplicate ACKs, and a Game of Pong.

Charlie Allom charlie at playlouder.com
Sun Mar 27 12:58:23 BST 2011

On Fri, Mar 25, 2011 at 01:10:27PM -0700, chchen at pdx.edu <chchen at pdx.edu> wrote:
> Did you have a symptom in general? Mine was SSL problems with
> Windows 7 machines, and duplicate ACKs for those handshakes.


Yes my symptom is a rogue ACK/FIN/RST (same seq/ack #) that is sent multiple
times from director -> backupdirector, and then the backupdirector ping
pongs that packet on its loopback interface at up to 800Mbps and brings
down the machine with interrupts.

And of course the 3rd real server with no LVS enabled doesnt have this
problem (bare metal eth0 aliases).

So the issue is really the primary director fucking up, and /really/
confusing the backup. I'd like to revert the 2.0.2 bnx2 driver in newer
kernels.. but changing to LVS-NAT may be simpler, as you suggested.

I don't know if that means I lose the ability of the directors to be
realservers or not.

Also I wonder if there is some sysctl I could tweak, as the loopback
garbage doesn't scream bnx2 problems.


More information about the lvs-users mailing list