Hello everybody, I am trying to configure load balancing for udp protocol using LVS NAT. For that I have created three virtual instances with ubuntu, one (192.199.1.1) is load director and others (192.199.1.2 and 192.199.1.3) are real servers where application based on udp protocol are running. I have configured ipvsadm and setup iptables in real server.
Real server looks like something below.... root@ubuntutcs:~# ipvsadm -l IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn UDP ipvslb-v3.novalocal:5 rr -> 192.199.1.2:5683 Masq 1 0 0 -> 192.199.1.3:5683 Masq 1 0 0 root@ubuntutcs:~# root@ubuntutcs:~# root@ubuntutcs:~# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT udp -- anywhere anywhere udp dpt:5683 to:192.199.1.2:5683 DNAT udp -- anywhere anywhere udp dpt:5683 to:192.199.1.3:5683 Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE tcp -- 192.199.122.0/24 !192.199.122.0/24 masq ports: 1024-65535 MASQUERADE udp -- 192.199.122.0/24 !192.199.122.0/24 masq ports: 1024-65535 MASQUERADE all -- 192.199.122.0/24 !192.199.122.0/24 MASQUERADE all -- anywhere anywhere root@ubuntutcs:~# root@ubuntutcs:~# But the problem is, all requests are forwarding to one real server. More specifically, requests are only forwarded to that real server which come first in the nat iptable. So, problem is, what I have configured is just a proxy server not load balancer. I have used "tcpdump" as packet tracker, here is the output root@ubuntutcs:~# root@ubuntutcs:~# !tcpdump root@ubuntutcs:~# tcpdump -n -i any port 5683 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 bytes 15:32:27.044214 IP 10.10.99.22.41252 > 192.199.1.1.5683: UDP, length 39 15:32:27.044347 IP 192.199.1.1.41252 > 192.199.1.2.5683: UDP, length 39 15:32:29.979111 IP 10.10.99.22.41252 > 192.168.1.1.5683: UDP, length 39 15:32:29.979206 IP 192.168.1.1.41252 > 192.168.1.2.5683: UDP, length 39 15:32:33.314250 IP 192.168.1.2.5683 > 192.168.1.1.41252: UDP, length 35 15:32:33.314620 IP 192.168.1.1.5683 > 10.10.99.22.41252: UDP, length 35 15:32:37.178892 IP 192.168.1.2.5683 > 192.168.1.1.41252: UDP, length 35 15:32:37.178964 IP 192.168.1.1.5683 > 10.10.99.22.41252: UDP, length 35 15:32:42.808209 IP 10.10.99.22.52395 > 192.168.1.1.5683: UDP, length 39 15:32:42.808327 IP 192.168.1.1.52395 > 192.168.1.2.5683: UDP, length 39 15:32:45.120500 IP 10.10.99.22.52395 > 192.168.1.1.5683: UDP, length 39 15:32:45.120590 IP 192.168.1.1.52395 > 192.168.1.2.5683: UDP, length 39 15:32:46.984465 IP 192.168.1.2.5683 > 192.168.1.1.52395: UDP, length 35 15:32:46.984534 IP 192.168.1.1.5683 > 10.10.99.22.52395: UDP, length 35 Can anybody help me to understand what is required to modify here to make it load balancer? Thanks in advance, Prasun Bhattacharjee Tata Consultancy Services Mailto: [email protected] Website: http://www.tcs.com ____________________________________________ Experience certainty. IT Services Business Solutions Consulting ____________________________________________ =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
