[lvs-users] LVS Direct Routing Virtualized
wferi at niif.hu
Sat Sep 21 15:09:20 BST 2013
Andrew Lau <andrew at andrewklau.com> writes:
> On Sat, Sep 21, 2013 at 9:57 PM, Ferenc Wagner <wferi at niif.hu> wrote:
>> Andrew Lau <andrew at andrewklau.com> writes:
>>> I have my LVS DR routing setup on a KVM nodes, from a single node it
>>> works great.
>>> Client->VIP->router dnat->loadbalancer->real server->router
>>> However when I spread the load across multiple KVM nodes, the
>>> connections still hit the real server however nothing seems to be
>>> going out
>>> Client->VIP->router dnat->LVS (kvm node 1)->real server (kvm node 2)
>>> I can see the traffic hitting the real server through the access
>>> logs, and a tcpdump shows it's trying to send the response
>>> out. 10.0.3.152 being my virtual IP. But the client doesn't seem to
>>> get the traffic.
>> The client certainly gets the traffic, these seem like normal TCP
>> session startups to me, with both ends actively involved.
> That's what it definitely looked like, the router packet scan even showed
> the packets flowing from the VM however the client is not getting the end
> result. Just timing out.
I wonder who does the three way handshake and the data excange then,
all with correct sequence numbers... Make a packet trace on the client.
> Could it be because I'm running NAT between the router->loadbalancer?
10.0.3.152 is the DNAT target address for your real VIP, right? So the
from to via
until DNAT: client VIP external gateway
after DNAT: client 10.0.3.152 internal gateway
after DR: client 10.0.3.152 realserver
reply: 10.0.3.152 client internal gateway
after SNAT: VIP client external gateway
I don't see any problem with this in principle, especially not anything
depending on the number of real servers.
More information about the lvs-users