Hi guys, I’ve been playing around today with two NFS servers (each on their own storage array), synced by Unison to provide a bit higher uptime.
To allow NFS clients to use a single IP, I’ve configured an haproxy install (1 now, two when in prod), where I want to talk over tcp mode to the NFS servers. My idea is that all traffic is directed based on the source IP balancing, so the traffic will be somewhat 50/50 on each NFS server. My question is if anyone have actually ever got a setup like this to work, I’m using NFS 4.0, and whenever I try to mount the NFS mount on the client, it does communicate with haproxy, and I do see traffic on the NFS server itself, meaning the communication seems to work. The issue I’m facing, is that the mounting will actually never complete due to some weird behavior when I go through haproxy: Aug 01 21:44:44 nfs-server-f8209dc4-a1a6-4baf-86fa-eba0b0254bc9 kernel: RPC: fragment too large: 1347571544 Aug 01 21:44:44 nfs-server-f8209dc4-a1a6-4baf-86fa-eba0b0254bc9 kernel: RPC: fragment too large: 1347571544 Aug 01 21:44:44 nfs-server-f8209dc4-a1a6-4baf-86fa-eba0b0254bc9 kernel: RPC: fragment too large: 1347571544 Aug 01 21:44:45 nfs-server-f8209dc4-a1a6-4baf-86fa-eba0b0254bc9 kernel: RPC: fragment too large: 1347571544 It will continue to give this “fragment too large”. If I bypass haproxy it works completely fine, so I know the NFS Server is configured correctly for the client to connect. My haproxy configuration looks like this: global log 127.0.0.1 local1 debug nbproc 4 user haproxy group haproxy daemon chroot /var/lib/haproxy pidfile /var/run/haproxy.pid defaults mode tcp log global option tcplog timeout client 1m timeout server 1m timeout connect 10s balance source frontend nfs-in1 bind *:2049 use_backend nfs_backend1 frontend nfs-in2 bind *:111 use_backend nfs_backend2 frontend nfs-in3 bind *:46716 use_backend nfs_backend3 frontend nfs-in4 bind *:36856 use_backend nfs_backend4 backend nfs_backend1 server nfs1 217.xx.xx.xx:2049 send-proxy backend nfs_backend2 server nfs1 217.xx.xx.xx:111 send-proxy backend nfs_backend3 server nfs1 217.xx.xx.xx:46716 send-proxy backend nfs_backend4 server nfs1 217.xx.xx.xx:36856 send-proxy I use the “send-proxy” to let the NFS Server see the actual source IP, instead of the haproxy machine IP. If anyone has any idea what can be the cause of the “fragment too large” when going via haproxy, or an actual working config for haproxy to do NFS 4.0 or 4.1 traffic – then please let me know! Best Regards, Lucas Rolff
