On Wed, Mar 31, 2010 at 12:02:45AM +0200, svensven wrote: > Simon Horman wrote: > > Seventh Sven wrote: > >> Simon Horman wrote: > >>> svensven wrote: > >>>> 28 [61.019] IPVS: lookup/in TCP 10.0.0.3:54590->10.0.0.10:9999 hit > >>>> 29 [61.019] IPVS: Enter: ip_vs_dr_xmit, net/netfilter/ipvs/ip_vs_xmit.c > >> > >> LVS B (backup, own IP address 10.0.0.6): > >> FWM 10 rr > >> -> 10.0.0.6:9999 Local 1 0 0 > > > > The thing that is confusing me, is that the connection entry should > > have the real server set to 10.0.0.6, and that is a local address on > > LVS B, and thus ip_vs_null_xmit() should be called. > > > > When I say should, I mean, I think that the code ought to behave > > that way. But clearly it isn't for some reason. > > I'm getting a bit confused about the mix of direct routing and the > connection table. The purpose of the connection table should be to > determine which incoming packets to consider for IPVS treatment. With > DR, the connection entry dest addr should be the vip. That seems to be > the case here. > > On the other hand, if the purpose of the connection table is to > determine the mapping between a client and a realserver, then it would > make sense to either keep the realserver as the dest addr. Then you'd > need an additional mapping between the client-to-vip and > client-to-real entries. Or put mac addresses in the table.. > > I'll try to dig a bit more into how the connection table looks when > the connection is established to get a better idea of how this works.
The connection table consists of the following tuple: * end-user (client) ip address and port * virtual-service ip (vip) and port * real-server ip address and port The purpose of the connection table is to map end-user->virtual-service connections with a real-server. When a packet is received a lookup occurs and if a match is found then the packet is deemed to be part of an existing connection handled by IPVS. It is then forwarded to the real-server (rip) present in the connection table entry that was matched. So the connection table determines if a packet, other than those for new connections, should be handled by IPVS. And it determines the mapping between the end-user->virtual-service and real-server. _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users