[lvs-users] source hashing some times land on wrong server (with FTP)

Malcolm Turnbull malcolm at loadbalancer.org
Fri Nov 1 17:38:02 GMT 2019


Are you getting any health check failures?
It's not a consistent hash - so any config changes would throw it.

Why not just use the standard persistence table?
The stick table for that is completely reliable, as long as you have
enough memory.


Malcolm Turnbull

Loadbalancer.org Ltd.

 +44 (0)330 380 1064

Malcolm Turnbull

Loadbalancer.org Ltd.


 +44 (0)330 380 1064
malcolm at loadbalancer.org


On Fri, 1 Nov 2019 at 15:49, Phillip Moore <pdm at pobox.com> wrote:
> Hello!
> We have FTP setup with on its own VIP and just map all ports (:0) and use
> source hashing. Sometimes when the FTP client opens the data channel it
> will land on the wrong real server causing a reset. I stress sometimes
> because mostly FTP seems to work but we do see this behavior of requests
> landing on the wrong server.
> FTP client makes connection to VIP:0 on ftp port, is asked to open data
> channel on VIP:0 on alternate port. FTP client sends SYN packet but that
> packet doesn't land on the correct real FTP server, so connection is
> reset.  That SYN packet likely came through a different IPVS server but
> should have sync connection state by this time.
> Example of our config:
> -A -t x.y.z.220:0 -s sh -p 600 -b sh-fallback
> -a -t x.y.z.220:0 -r a.b.c.4:0 -i -w 1
> -a -t x.y.z.220:0 -r a.b.c.5:0 -i -w 1
> -a -t x.y.z.220:0 -r a.b.c.6:0 -i -w 1
> -a -t x.y.z.220:0 -r a.b.c.7:0 -i -w 1
> 3.10.0-1062.1.1.el7.x86_64
> We have this config running on multiple active IPVS servers all running
> active/backup sync processes .
> We've also tried a non 1 weight (1000) to see if it was the overload logic
> kicking in and sending requests to alt server, but that did not seem to be
> it.
> Is there any reason why subsequent connections from the same source IP
> would land on a different server?
> Thanks,
> Phillip Moore
> _______________________________________________
> Please read the documentation before posting - it's available at:
> http://www.linuxvirtualserver.org/
> LinuxVirtualServer.org mailing list - lvs-users at LinuxVirtualServer.org
> Send requests to lvs-users-request at LinuxVirtualServer.org
> or go to http://lists.graemef.net/mailman/listinfo/lvs-users

More information about the lvs-users mailing list