[lvs-users] Port mapping with LVS-DR using fwmark
ja at ssi.bg
Sat Jan 25 14:25:50 GMT 2014
On Thu, 23 Jan 2014, Jacoby Hickerson wrote:
> Just to clarify the packets are going to the loopback of node 1, when they
> should be going to node 2. This is shown in the tcpdump output:Here is the
> output from the lo device of the first node:
> 02:10:51.987030 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [.], ack
> 2970678458, win 115, options [nop,nop,TS val 3044575793 ecr 978483], length
> 02:10:51.987079 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [P.], seq
> 0:173, ack 1, win 115, options [nop,nop,TS val 3044575793 ecr 978483],
> length 173
> 02:10:51.987426 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [.], ack 2,
> win 115, options [nop,nop,TS val 3044575793 ecr 978484], length 0
> 02:10:51.987480 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [F.], seq
> 173, ack 2, win 115, options [nop,nop,TS val 3044575793 ecr 978484], length
> Packets are being sent from the RIP of the first node only. From my
> understanding when using DR OutPkts should always be zero.
When LocalNode (local RIP) is used, we can see
the local reply in LOCAL_OUT hook. It happens for NAT but
also for DR. So, it is normal. But we see these replies
after DNAT in LOCAL_OUT, see ip_vs_ops for reference.
> The end result is that the packets are always coming from the first
> node and never balanced to the second node.
> Thanks for any further help, seems the solution is really close!
Can you provide more understandable description
for the test, for example:
- client box:
IP1: X.X.X.X/N dev DEV
are client and director same box
- real server:
iptable rules used. By this way I can try to
duplicate the problem. Now I see some IPs in tcpdump
output but I'm not sure what kind of traffic is shown,
where is started the tcpdump, on what box, on what
interface, external, internal...
Julian Anastasov <ja at ssi.bg>
More information about the lvs-users