[lvs-users] LVS Direct Routing Virtualized

Ferenc Wagner wferi at niif.hu
Sat Sep 21 15:09:20 BST 2013

Andrew Lau <andrew at andrewklau.com> writes:

> On Sat, Sep 21, 2013 at 9:57 PM, Ferenc Wagner <wferi at niif.hu> wrote:
>> Andrew Lau <andrew at andrewklau.com> writes:
>>> I have my LVS DR routing setup on a KVM nodes, from a single node it
>>> works great.
>>> Client->VIP->router dnat->loadbalancer->real server->router
>>> snat->VIP->client
>>> However when I spread the load across multiple KVM nodes, the
>>> connections still hit the real server however nothing seems to be
>>> going out
>>> Client->VIP->router dnat->LVS (kvm node 1)->real server (kvm node 2)
>>> I can see the traffic hitting the real server through the access
>>> logs, and a tcpdump shows it's trying to send the response
>>> out. being my virtual IP. But the client doesn't seem to
>>> get the traffic.
>> The client certainly gets the traffic, these seem like normal TCP
>> session startups to me, with both ends actively involved.
> That's what it definitely looked like, the router packet scan even showed
> the packets flowing from the VM however the client is not getting the end
> result. Just timing out.

I wonder who does the three way handshake and the data excange then,
all with correct sequence numbers...  Make a packet trace on the client.

> Could it be because I'm running NAT between the router->loadbalancer? is the DNAT target address for your real VIP, right?  So the
packets go:

               from       to             via
until DNAT:    client     VIP      external gateway
after DNAT:    client  internal gateway
after DR:      client      realserver
reply:   client    internal gateway
after SNAT:     VIP      client    external gateway

I don't see any problem with this in principle, especially not anything
depending on the number of real servers.

More information about the lvs-users mailing list