Hello, I can confirm that these issues were exasperated by Ubuntu's since-lucid default of turning on rp_filter.
this fixes: for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do echo "setting $i to 0" ; echo 0 > $i ; done Regards, C. On Wed, Nov 03, 2010 at 08:15:08PM +0000, Charlie Allom <[email protected]> wrote: > Hello, > > I am having an odd issue with a DR setup. When the director is running, > and the VIP is on eth0:0, I can't reach the VIP over TCP. I know it's to > do with LVS, because as soon as I swap the director by failing the > heartbeat, the new director (app1) then fails in the same way.. > and the failing one (app0) then starts working! > > a diagram: > > app0 (ipvsadm 1:1.25.clean-1) > eth0:0 94.228.67.2/32 > eth0 94.228.67.7/28 > > app1 (heartbeat backup) > lo:0 94.228.67.2/32 > eth0 94.228.67.8/28 > > app2 (plain old server) > lo:0 94.228.67.2/32 > eth0 94.228.67.9/28 > > and here is the problem: > > 20:03 app0:~% sudo /etc/init.d/nginx restart > Restarting nginx: nginx. > > 20:04 app0:~% telnet 94.228.67.2 80 > Trying 94.228.67.2...Connected to 94.228.67.2. > Escape character is '^]'. > ^] > telnet> Connection closed. > > 20:04 app0:~% telnet 94.228.67.2 80 > Trying 94.228.67.2... > telnet: Unable to connect to remote host: Connection timed out > > 20:04 app0:~% sudo ethtool -k eth0 > Offload parameters for eth0: > rx-checksumming: on > tx-checksumming: on > scatter-gather: off > tcp-segmentation-offload: off > udp-fragmentation-offload: off > generic-segmentation-offload: on > generic-receive-offload: off > large-receive-offload: off > > 20:04 app0:~% sudo /etc/init.d/nginx restart > Restarting nginx: nginx. > > 20:05 app0:~% telnet 94.228.67.2 80 > Trying 94.228.67.2... > telnet: Unable to connect to remote host: Connection timed out > > 20:05 app0:~% sudo sysctl -p > net.ipv4.conf.lo.arp_ignore = 1 > net.ipv4.conf.lo.arp_announce = 2 > net.ipv4.conf.all.arp_ignore = 1 > net.ipv4.conf.all.arp_announce = 2 > > 20:07 app0:~% uname -a > Linux app0 2.6.32-25-server #45-Ubuntu SMP Sat Oct 16 20:06:58 > UTC 2010 x86_64 GNU/Linux > > Strangely though, ICMP works throughout the TCP failing. I never lose a > single ping. > > These NICs are Broadcom NetXtreme II BCM5709's. > > I have successfully setup this configuration on Debian lenny, > 2.6.26-2-amd64, so I know it works.. I'm just hoping someone has seen > this before and can point me in the right direction. > > Regards, > C. > -- > 020 7729 4797 > http://playlouder.com/ > > _______________________________________________ > Please read the documentation before posting - it's available at: > http://www.linuxvirtualserver.org/ > > LinuxVirtualServer.org mailing list - [email protected] > Send requests to [email protected] > or go to http://lists.graemef.net/mailman/listinfo/lvs-users -- 020 7729 4797 http://playlouder.com/ _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
