On 8/24/12 8:53 AM, Dmitry Akindinov wrote:
> So, again, routing is fine, the traffic does go as it should (to the 
> new balancer and then to the old one, as a part of the "real server 
> pool" or "farm"). The problem is that ipvs software on the "old" 
> balancer drops some of the packets when it is running the sync daemon. 
> As soon as the sync daemon is stopped, the problem disappears.
Sorry, I totally missed that your IPVS boxes are also your 'real' 
servers - I had an issue like that a while ago. Basically as far as I 
can tell, if there is a connection in the sync table, the kernel will 
use it even if you don't have ipvs rules entered, or even if you are 
using fwm and you don't have an applicable iptables rule.

Someone who knows the internals of ipvs better can probably get more 
specific, but I was unable to find a workaround for it that did not 
involve disabling the sync daemon.

On my end, I either changed my scheduler to SH and stopped using the 
sync daemon, or separated the ipvs and real servers into separate 
systems to avoid the issue altogether.

