On Sun, Sep 22, 2013 at 11:16 AM, Andrew Lau <[email protected]> wrote:
> On Sun, Sep 22, 2013 at 12:09 AM, Ferenc Wagner <[email protected]> wrote: > >> Andrew Lau <[email protected]> writes: >> >> > On Sat, Sep 21, 2013 at 9:57 PM, Ferenc Wagner <[email protected]> wrote: >> > >> >> Andrew Lau <[email protected]> writes: >> >> >> >>> I have my LVS DR routing setup on a KVM nodes, from a single node it >> >>> works great. >> >>> >> >>> Client->VIP->router dnat->loadbalancer->real server->router >> >>> snat->VIP->client >> >>> >> >>> However when I spread the load across multiple KVM nodes, the >> >>> connections still hit the real server however nothing seems to be >> >>> going out >> >>> >> >>> Client->VIP->router dnat->LVS (kvm node 1)->real server (kvm node 2) >> >>> >> >>> I can see the traffic hitting the real server through the access >> >>> logs, and a tcpdump shows it's trying to send the response >> >>> out. 10.0.3.152 being my virtual IP. But the client doesn't seem to >> >>> get the traffic. >> >> >> >> The client certainly gets the traffic, these seem like normal TCP >> >> session startups to me, with both ends actively involved. >> > >> > That's what it definitely looked like, the router packet scan even >> showed >> > the packets flowing from the VM however the client is not getting the >> end >> > result. Just timing out. >> >> I wonder who does the three way handshake and the data excange then, >> all with correct sequence numbers... Make a packet trace on the client. >> >> > Could it be because I'm running NAT between the router->loadbalancer? >> >> 10.0.3.152 is the DNAT target address for your real VIP, right? So the >> packets go: >> >> from to via >> --------------------------------------------------- >> until DNAT: client VIP external gateway >> after DNAT: client 10.0.3.152 internal gateway >> after DR: client 10.0.3.152 realserver >> reply: 10.0.3.152 client internal gateway >> after SNAT: VIP client external gateway >> >> I don't see any problem with this in principle, especially not anything >> depending on the number of real servers. >> > > Yup, that's the scenario. > > My suspicions were correct though, when the LVS and realserver are on the > same KVM node the transmissions go through without an issue. But on > separate KVM nodes (same network) the real servers are receiving the > request but the client isn't getting anything and the tcpdump looked like > it was just the client sending re-transmissions to the real server, but the > real server packets aren't making it to the client. > > If the client is within the same network though, it would seem to work so > it's pointing towards possibly a router issue. But I'm really stuck at > seeing why this is happening. > > Thanks. > > I ended up skipping the NAT and assigning it a /32 address instead, and that's solved my issue on routing and wasted address space. Thanks again for your help. Cheers > -- >> Regards, >> Feri. >> >> _______________________________________________ >> Please read the documentation before posting - it's available at: >> http://www.linuxvirtualserver.org/ >> >> LinuxVirtualServer.org mailing list - [email protected] >> Send requests to [email protected] >> or go to http://lists.graemef.net/mailman/listinfo/lvs-users >> > > _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
