[lvs-users] source hashing some times land on wrong server (with FTP)
ja at ssi.bg
Tue Nov 5 23:08:17 GMT 2019
On Mon, 4 Nov 2019, Phillip Moore wrote:
> We have a set of director hosts that are all active (running master and
> backup at the same time) BGP/anycasting their VIPS. Then using TUN mode to
> load balance separate real servers running the FTP server.
> It sounds to me from the documentation the backup_only is for when the real
> is the same server as director. But we aren't doing that.
> We had previously used WLC instead of SH for the lb agl but we had
> customers facing similar problems where connections to data channel would
> land on a different (and unprepared to handle it) FTP server. SH seemed a
> good fit since it only looked at the source IP so seemingly requests from
> the same client (regardless of src or dst port) would land on the same real
> FTP server for the data port.
> Thank you for your input and I would appreciate it if you can expand a
> little on if backup_only would help in this case.
No, this flag helps the backup server to run as real server
by ignoring the steps that IPVS does to lookup and create connections.
The packets are simply passed to the local stack without any inspection.
Note that if sh-fallback detects unavailable real server (even with
weight 0), the fallback is temporary - when this real server becomes
available again the traffic is switched back immediately, so at such
switching moments two commections can land in different servers.
Julian Anastasov <ja at ssi.bg>
More information about the lvs-users