On 10/18/13 12:50 AM, Alex Attarian wrote: > You need to change the settings in order for IPVS DR to work if you have > private and public networks or different networks on different interfaces. > Those settings are: > echo 2 > /proc/sys/net/ipv4/conf/default/rp_filter > echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter > > or if you would like to just do the interface where loadbalancer is sending > traffic to, then: > echo 2 > /proc/sys/net/ipv4/conf/<interface of real server ip>/rp_filter > (in my case eth1, so echo 2 > /proc/sys/net/ipv4/conf/eth1/rp_filter) We have a large LVS environment with RHEL6 for both balancers and real servers. On most real servers we have rp_filter set to 1. Our network config is pretty much the same as yours (VIPs on lo, usually from a different subnet).
The only systems where we do have rp_filter set to 0 (I need to back and check why we picked 0 instead of 2 - 0 does work however) are systems which get packets from balancers using IPIP tunnels. > > Please note value of 1 does not have the same behavior on RHEL6 as it did > on RHEL5. Did you open a RedHat case on this behavior? Did they give you a BZ for it? Not saying changing rp_filter wasn't the right thing to do, but I've not experienced a difference in how it functions in the last 12 years, including with RHEL6. On the few RHEL5 systems I have default rp_filter value is 1, so I'd expect them to behave the same. David _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
