> -----Original Message-----
> From: lvs-users-boun...@linuxvirtualserver.org 
> [mailto:lvs-users-boun...@linuxvirtualserver.org] On Behalf 
> Of Lloyd Brown
> Sent: Tuesday, July 29, 2014 12:58 AM
> To: lvs-users@linuxvirtualserver.org
> Subject: [lvs-users] TCP Connection Sync Problems RHEL
> Hi, all.
> I'm currently testing a RHEL 6.5 based LVS Director setup for 
> load balancing SSH connections.  I've used Debian directors 
> for a number of years, and they've worked great, but for some 
> reason, the RHEL directors aren't acting the way I'm expecting.
> Basically I'm seeing two things:
> - The backup director doesn't seem to be getting the client 
> connection info synchronized
> - The connection info (eg. the output of "ipvsadm -L -c") 
> doesn't show the connection closing.  Instead it stays in 
> "ESTABLISHED" state until it times out.
> I'm not really sure how to troubleshoot the second issue.  So 
> for now, I'm focusing on the first, the one about the 
> connection sync problem.  I did capture the packets between 
> the two directors, using tcpdump, and when I open the capture 
> file in wireshark, I see "Connection Count: 0".
>  When I do a similar capture on my working Debian directors, 
> I see non-zero connection count, and the details of the 
> specific connections, in the wireshark analysis.
> Any thoughts here?  How do I go about finding the problem 
> here?  Should I be looking at kernel code? ipvsadm code?
> I'm using keepalived to manage this, so I'll include that 
> .conf file here, as well as example capture files from my 
> working Debian setup, and the non-working RHEL test setup.  
> Note that the packet captures also include the VRRP sync 
> packets, but they can be ignored.
> Both directors are basically stock RHEL 6.5, running kernel 
> 2.6.32-431.17.1.el6.x86_64, keepalived-1.2.7, and ipvsadm-1.25.
> If anyone can point me in the right direction on how to 
> diagnose this, I'd appreciate it.
> Thanks,

Hi Lloyd,

do you have disables SELinux for the RHEL hosts? By the way: also set the
firewall to accept all (later if all is working you should set up a firewall
of cause)

I wich way you communicate the keepalived between the two directors? Over
Ethernet or serial cable?

best regards

Frank Kirschner

Frank Kirschner
IT Services
Celebrate Records GmbH
Am Birkenwaeldchen 2
09366 Stollberg
mail: fr...@celebrate.de
web: www.celebrate.de
fon: +49 37296 9201 60
fax: +49 37296 9201 75
CEO: Carsten Haupt
USt ID: DE 812 617 147
Registered at Country Court Chemnitz
HRB ID: 16308
PGP-Key is available at pgp.mit.edu

Please read the documentation before posting - it's available at:

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-requ...@linuxvirtualserver.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Reply via email to