[lvs-users] The effect of wlc, lblc, and persistent

Malcolm Turnbull malcolm at loadbalancer.org
Sat Mar 2 09:22:27 GMT 2013 

Eric,

LBLC & DH schedulers can only be used in a completely transparent
forwarding LVS i.e. firewall mark matches the packets of ALL routed
traffic and forwards it to a proxy/squid cache.
This is because they need to see the destination IP address (normal
non-transparent LVS traffic all has destination IP of the VIP)

i.e.
iptables -t mangle -A PREROUTING -p tcp --dport 80 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -p tcp --dport 443 -j MARK --set-mark 1
ip rule add prio 100 fwmark 1 table 100
ip route add local 0/0 dev lo table 100

More of a description on page 16 of our load balancing web filters guide here:
http://uk.loadbalancer.org/pdffiles/Web_Proxy_Deployment_Guide.pdf





On 1 March 2013 16:34, Robinson, Eric <eric.robinson at psmnv.com> wrote:
> Need some help understanding the effect of wlc, lblc, and persistent.
>
> In our environment, the following realserver configuration in ldirectord results in pretty even load balancing.
>
> # Virtual Server for tomcat(site103), Outside to Inside
> virtual=192.168.5.100:3103
>         real=192.168.10.64:3103 masq
>         real=192.168.10.63:3103 masq
>         service=http
>         request="/mobiledoc/jsp/catalog/xml/CheckDBConnection.jsp"
>         receive="success"
>         scheduler=wlc
>         protocol=tcp
>         checktype=3
>         persistent=15
> Here's the output of ipvsadm -Ln
>
>
> TCP 192.168.5.100:3103 wlc persistent 15
> -> 192.168.10.64:3103 Masq 1 24 15
> -> 192.168.10.63:3103 Masq 1 23 22
>
> Whereas the following config results in very uneven load balancing.
>
> # Virtual Server for tomcat(site077), Outside to Inside
> virtual=192.168.5.100:3077
>         real=192.168.10.64:3077 masq
>         real=192.168.10.63:3077 masq
>         service=http
>         request="/mobiledoc/jsp/catalog/xml/CheckDBConnection.jsp"
>         receive="success"
>         scheduler=lblc
>         protocol=tcp
>         checktype=3
>         persistent=360
> Here's the outpuut of ipvsadm -Ln
> TCP 192.168.5.100:3077 lblc persistent 360
> -> 192.168.10.63:3077 Masq 1 16 9
> -> 192.168.10.64:3077 Masq 1 1 0
> Why is the second one so imbalanced? There are probably 20 computers using the second one, so about half of them should be going to each realserver. Once they connect to a realserver, the connection should persist for at least 360 seconds. But that should not result in such a disparity in the number of connections going to each RS should it?
>
> Wait... if the customer is behind NAT, and all of their workstations appear to be the same source IP, I guess it would cause this behavior?
>
> --
> Eric Robinson
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Disclaimer - March 1, 2013
> This email and any files transmitted with it are confidential and intended solely for lvs-users at linuxvirtualserver.org. If you are not the named addressee you should not disseminate, distribute, copy or alter this email. Any views or opinions presented in this email are solely those of the author and might not represent those of Physicians' Managed Care or Physician Select Management. Warning: Although Physicians' Managed Care or Physician Select Management has taken reasonable precautions to ensure no viruses are present in this email, the company cannot accept responsibility for any loss or damage arising from the use of this email or attachments.
> This disclaimer was added by Policy Patrol: http://www.policypatrol.com/
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
>
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users



-- 
Regards,

Malcolm Turnbull.

Loadbalancer.org Ltd.
Phone: +44 (0)870 443 8779
http://www.loadbalancer.org/

More information about the lvs-users mailing list