[lvs-users] Understanding persistence_granularity for long TCP connections and unexpected spread of traffic at reals

Abhijeet Rastogi abhijeet.1989 at gmail.com
Wed Aug 14 18:50:47 BST 2019


Hi everyone,

I'm investigating a typical configuration for an L4 TCP load balancer using
ipvs+keepalived. Settings:-

   - persistence_timeout: 120 seconds.  (# LVS persistence timeout, sec)
   - /sbin/ipvsadm --set 1800 120 300
   - persistence_granularity: "48" for ipv6.
   - lb_algo: rr (round robin)

My expectation is, all the IPs from the same /48 v6 subnet should always
reach the same real_server because of setting granularity.

However, I can see that established connections from the same /48 v6 subnet
are spread across multiple reals. (with timeouts b/w 0 seconds to less than
30 minutes which is a side-affect of setting higher timeout for TCP).

Questions:-

   - After the persistent_timeout expires, do new connections from the same
   /48 subnet get assigned to a new reals based on round-robin regardless of
   whether we've existing connections already going to a specific real from
   that subnet? (And this results in same /48 being distributed to multiple
   reals eventually)
   - Is TCP timeout the reason for the unexpected spread of same /48
   clients to multiple reals (as opposed to the expectation of 1)?
   - If my previous question's answer is yes, should we always set
   persistence_timeout to be higher than the TCP timeout? (because of https
   traffic, session ticket etc)

Thanks in advance!

-- 
Cheers,
Abhijeet (https://abhi.host)


More information about the lvs-users mailing list