[lvs-users] How to skip ipvs processing for ip:port not configured in virtual configuration?

Vincent Li vincent.mc.li at gmail.com
Tue Nov 11 19:43:45 GMT 2014


Hi,

I have both LVS+keepalived and nginx running on same box and came
across this issue, configuration below:

keepalived.conf: (So LVS should handle 10.1.72.36:80)


vrrp_instance VI_1 {
    state MASTER
.................CUT.............
    virtual_ipaddress {
        10.1.72.38/16 dev eth2
        10.1.72.36/16 dev eth2 #<========
    }
}

virtual_server 10.1.72.36 80 { <===========
    delay_loop 90
    lb_algo rr
    lb_kind FNAT
#    persistence_timeout 50
.................CUT........
}

nginx.conf  (nginx should handle 10.1.72.36:8080)

    server {
        listen       10.1.72.36:8080;

        location / {
            root   html;
            index  index.html index.htm;

        }

    }

so virtual 10.1.72.36:80 is handled fine by LVS as expected.

but when I access 10.1.72.36:8080, since there is no virtual
configuration for 10.1.72.36:8080, I am hopping nginx will handle it,
but it appears LVS is handling it as LVS debug shows, but no SYN+ACK
back to the client, thus failed :

Nov 11 11:25:53 vincent-centos64-2 kernel: IPVS: lookup service: fwm 0
TCP 10.1.72.36:8080 not hit

Nov 11 11:25:53 vincent-centos64-2 kernel: IPVS: lookup TCP
10.1.72.6:36220->10.1.72.36:8080 not hit

Nov 11 11:25:53 vincent-centos64-2 kernel: IPVS: lookup TCP
10.1.72.6:36220->10.1.72.36:8080 not hit

if I stop keepalived, 10.1.72.36:8080 is handled by ngnix correctly,
or if I use uniq ip address as listener in keepalived and nginx, it
works as expected, for example 10.1.72.38:80 in keepalived,
10.1.72.36:8080 in nginx, it works.

so it looks I can't use same IP address in LVS and nginx as listener,
even with different port.

is there anyway to skip LVS handling when there is no 10.1.72.36:8080
in LVS configuration? the issue is somewhere else, not in LVS.



More information about the lvs-users mailing list