[lvs-users] clarification of sync_threshold and sync_refresh_period for active/active director setups

Phillip Moore pdm at pobox.com
Thu Jun 21 03:38:39 BST 2018


I'm trying to understand some behavior we are seeing. We run a group of
IPVS director nodes all active with BGP for advertising their addresses and
every IPVS node is running both the master and slave sync processes. We run
our real nodes in TUN mode (for direct server return).

We believe that some times new connections are reset before they can be
established if the network delivers packets to the wrong node before state
has been synced. For the most part this doesn't happen but we have
encountered a few scenarios mostly involving maintenance or testing new BGP
related configs (like removing source interface from ECMP hash) that have
caused it.

Currently we have these default settings:

>cat /proc/sys/net/ipv4/vs/sync_threshold
3 50
>cat /proc/sys/net/ipv4/vs/sync_refresh_period

I've read the sysctl docs for these settings and I don't really understand
the interaction of the 2nd number in sync_threshold with
sync_refresh_period being set to 0.

Looking at this, I think we would desire sync_threshold to be "1
$something" but I don't know what $something should be. Or should we only
really care about state changes and set it to "0 $something" ?

I'm trying to figure out if there would be any unintended consequences of
changing these to either 1 or 0.

Phillip Moore

More information about the lvs-users mailing list