On the failing real servers the response is sent but is never received by the client (e4:11:5b:ae:f9:e5). On the working server the response is sent and the client gets it and sends an ACK and the connection is open.
I run tcpdump on the client (my Mac for the testing) and that is how I know that the SYN-ACK packet is not received from the failing real servers. This is the mind boggling thing...where are they going? Could it be a smart switch in the cloud environment? If so, then why would one server out of five work correctly? The real servers are not responding to arping. Only the Directory does. Bruce On 3/3/14 12:28 PM, Julian Anastasov wrote: > Hello, > > On Mon, 3 Mar 2014, Bruce Rudolph wrote: > >> 18:21:12.346386 Out e4:11:5b:ae:f9:e5 ethertype IPv4 (0x0800), >> length 76: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP >> (6), length 60) >> <VIP>.80 > <CIP//>.62628: Flags [S.], cksum 0xf2a9 (correct), >> seq 4207299083, ack 4011092519, win 14480, options [mss >> 1460,sackOK,TS val 82369115 ecr 3844971164,nop,wscale 7], length 0 > Response is going to e4:11:5b:ae:f9:e5 ? Do > you see it reaching there? Also, simple test with > client on LAN can reveal the problem, just check with > tcpdump on client box. It can show if problem comes > from router or from real servers. Sometimes, smart > switches can be the culprit too. > > Also, check on real servers (mostly the working > one) with tcpdump that you don't see the VIP in > outgoing ARP packets, only director can expose the VIP > in ARP packets. This can be also checked from client on > LAN with 'arping -c 1 VIP', only the director should > reply for VIP. > > Regards > > -- > Julian Anastasov <j...@ssi.bg> _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org Send requests to lvs-users-requ...@linuxvirtualserver.org or go to http://lists.graemef.net/mailman/listinfo/lvs-users
