On Tue, 2011-07-05 at 09:37 +0200, Luc van Donkersgoed wrote: > I don't see any mention of segfaults in my logs, but did manage to solve my > problem. Apparently I forgot some basic configuration on my webservers, which > screwed up ARP. I don't understand the specifics yet - I will delve into that > today - but the solution was to add these lines to /etc/sysctl.conf:
This is a very well-understood and documented issue but one which catches out a lot of people. Look in the HOWTO, Google or search the archives for "the ARP problem". In short: For LVS-DR to work, a realserver has the VIP bound to a "hidden" (dummy, loopback or other) interface. This means when the upstream router from the directors sends an ARP request saying "hey guys, who's got the VIP?" one of two things can happen: 1. The active director replies first; this is good and expected, and all works normally. 2. A realserver replies first; this is not so good, and means all requests bypass the director and go to the realserver directly. Everything becomes unbalanced. The sysctls you set prevent the realserver from replying to ARP requests on for addresses bound to interfaces which are supposed to remain "hidden". Graeme _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
