[lvs-users] Fixing the Martian Packet issue on LVS-DR

Khosrow Ebrahimpour khosrow.ebrahimpour at ssc-spc.gc.ca
Mon Oct 7 18:46:45 BST 2013


Hello list,

Recently we modified the configuration of our lvs systems to do LVS-DR 
as well as LVS-NAT. The setup works well with LVS-NAT has been working 
tirelessly for a year. A new VIP was added to load-balance using LVS-NAT 
with a setup something like the below diagram:

CIP  --> VIP (192.168.17.44), gateway(192.168.2.1)--> RIP (192.168.2.51)

We're now seeing the martian source problem whenever CIP originates from 
outside the 192.168.2.x subnet. I understand why we are getting the 
error, but hoping there's a solution to getting this setup working. Is 
anyone running a similar setup and has found a solution to the martian 
source problem?

I have had a look at the information on the solution called "Julian's 
martian modification" in section 7.5.2 
(http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.LVS-DR.html#martian_modification) 
but that requires a patch to the kernel and I'm hoping to avoid having 
to do custom compiling a kernel.

Note: the reason we decided to go with LVS-DR is that using LVS-NAT 
would leave all clients in the same subnet as the RIP (192.168.2.x) 
unable to use this service since the RIP would respond back directly to 
the CIP and the connection would be broken.


Thanks,
--
Khosrow



More information about the lvs-users mailing list