Willem

Asked: 2013-08-22 01:40:26 +0800 CST2013-08-22 01:40:26 +0800 CST 2013-08-22 01:40:26 +0800 CST

Linux IPVS in DR mode: VIP unreachable for director

I use direct routing mode. How do I make the loadbalanced service available to the director (DIR) using the virtual service ip (VIP)?

When I try to connect from DIR to the VIP, Linux (3.2.0) sees that the VIP is bound to a local interface and uses the VIP itself as source address.

Tcpdump:

08:47:51.573100 IP VIP.34762 > VIP.ssh: Flags [S]

According to tcpdump, the packet is not forwarded. Ipvsadm does see an extra inactive connection though. Even if it was forwarded, it wouldn't matter, as the realserver (RS) would not be able to send a reply, as it would not know where to send it to (RS has the VIP bound to the lo interface).

IMHO, the solution is to force the DIR to never create packets with the VIP as source address. When connecting to the VIP, it should use the DIR IP as source address.

However, another problem might be, that IPVS doesn't listen on the loopback interface.

# ip route get VIP
local VIP dev lo  src VIP

I could use iptables to rewrite the packets, but that feels quite hackish.

TIA.

Linux IPVS in DR mode: VIP unreachable for director

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Linux IPVS in DR mode: VIP unreachable for director

0 Answers