hi lvs-evangelists, i am really a LVS nebiew and i have setup an LVS Tun Set on 3 machines.
The reason for LVS Tun was because i have get very trouble with routing over privat networkadresses. I have get LVS NAT to run, but after some time the private netadresses wasn't reachable in the serverset. I think i have got problems with the routing of my provider. So i setup up a LVS Tun Set on public ipadresses and it works fine for me. Now i have got a response from a client he report from timeouts by post-requests. Sadly i cant reproduce this problem in my requests. The apache logs show me the follow error: "request failed: error reading the headers" After i study the LVS-Howto i found the section for MTU and package fragmentation. I added the follow rule to my iptables. But it dont help to solve the problem. iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440 For a better understanding of my LVS Set here are some information: 1. Im using only public ipadresses 2. my dircetor is also a realserver with 1 nic and has the follow interfaces eth0 = public ip (not in use for the LVS) eth0:80 = public ip (thats my VIRTUAL-IP) lo = 127.0.0.1 (not in use for the LVS) 3. the output of ipvsadm here (2 standalone realserver and 1 local realserver directly on the director) IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP VIRTUAL-IP:http rr -> REALSERVER_IP1:http Tunnel 1 0 0 -> REALSERVER_IP2:http Tunnel 1 0 0 -> localhost.localdomain:http Local 1 0 0 4. more infos for the director cat /proc/sys/net/ipv4/ip_forward = 1 no special route is added the set works fine without large posts no errors for the realserver who run directly on the director by large posts 5. the realserver with 1 nic has the follow interfaces eth0 = public ip (the REALSERVER_IP that is list in the ipvsadm output on director) lo = 127.0.0.1 (not in use for the LVS) tunl0 = VIRTUAL-IP (with no arp) 6. more infos for the realserver cat /proc/sys/net/ipv4/ip_forward = 0 no special route is added errors in this realservers by large posts > "request failed: error reading the headers" also when i use the iptables command for mtu fragmentation: iptables -A OUTPUT -s VIRTUAL-IP -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN,ACK -j TCPMSS --set-mss 1440 The HTML-Post Test-Scripts hangs by connection on the realserver Some Questions: - Are my settings ok. (specially director as realserver too, use of public ips)? - for testing i have change my mtu on the director eth0:80 to 1480 but this dont solve the problem - i change also the mtu temporary on the realserver eth0 to 1480 but this dont solve the problem too - do i need a special routing for LVS-tun Maybe somebody have any ideas. Im very pleased about some tips. regards udosa from munich _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
