my bad, the reset on real server is happening as the part of the tcp check
and not from load balancer
So the lvs director replies with rst,ack as a reply to syn packet
-srini
On Sat, Sep 23, 2017 at 9:46 AM, Srinivas Boga <bse...@gmail.com> wrote:
> In AWS, I am trying to get the keepalived/ipvs working and see that the
> load balancer/director does not forward the requests to my real server
>
>
> ubuntu@ip-172-31-6-2:~$ cat /etc/keepalived/keepalived.conf
> global_defs {
> notification_email {
> t...@test.com
> }
> }
>
> virtual_server 13.57.18.235 1935 {
> delay_loop 30
> lb_algo rr
> lb_kind DR
> persistence_timeout 50
> protocol TCP
> real_server 172.31.12.15 1935 {
> TCP_CHECK {
> connect_port 1935
> connect_timeout 3
> }
> }
> }
>
> vrrp_instance v1 {
> state MASTER
> interface eth0
> lvs_sync_daemon_interface eth0
> virtual_router_id 51
> priority 150
> advert_int 1
> virtual_ipaddress {
> 13.57.18.235
> }
> }
>
> ubuntu@ip-172-31-6-2:~$ sudo ipvsadm -L -n
> IP Virtual Server version 1.2.1 (size=4096)
> Prot LocalAddress:Port Scheduler Flags
> -> RemoteAddress:Port Forward Weight ActiveConn InActConn
> TCP 13.57.18.235:1935 rr persistent 50
> -> 172.31.12.15:1935 Route 1 0 0
>
> loopback on real
>
> ubuntu@ip-172-31-12-15:~$ ifconfig lo:0
> lo:0 Link encap:Local Loopback
> inet addr:13.57.18.235 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:65536 Metric:1
>
> When i run tcpdump on both the loadbalancer and real see that tcp reset
> happens on the loadbalancer after sync and reset happens after the
> handshake on the real
>
> tcpdump on loadbalancer
>
> 03:50:35.405489 IP (tos 0x0, ttl 51, id 59005, offset 0, flags [DF],
> proto TCP (6), length 64)
> c-98-207-84-68.hsd1.ca.comcast.net.51279 >
> ip-172-31-6-2.us-west-1.compute.internal.1935: Flags [S], cksum 0x4e32
> (correct), seq 2162214371 <(216)%20221-4371>, win 65535, options [mss
> 1460,nop,wscale 5,nop,nop,TS val 373641902 ecr 0,sackOK,eol], length 0
> E..@.}@.3...b.TD.....O..............N2.............
> .ER.........
> 03:50:35.405531 IP (tos 0x0, ttl 64, id 46103, offset 0, flags [DF],
> proto TCP (6), length 40)
> ip-172-31-6-2.us-west-1.compute.internal.1935 >
> c-98-207-84-68.hsd1.ca.comcast.net.51279: Flags [R.], cksum 0x2ff8
> (correct), seq 0, ack 1, win 0, length 0
> E..(..@.@.......b.TD...O........P.../...
>
> tcpdump on real
>
> ip-172-31-6-2.us-west-1.compute.internal.44230 >
> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [S], cksum 0x9ef2
> (correct), seq 2759878464, win 26883, options [mss 8961,sackOK,TS val
> 2324983234 ecr 0,nop,wscale 7], length 0
> E..<.v@.@.?...............g@......i.......#....
> ..m.........
> 03:51:52.362958 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
> TCP (6), length 60)
> ip-172-31-12-15.us-west-1.compute.internal.1935 >
> ip-172-31-6-2.us-west-1.compute.internal.44230: Flags [S.], cksum 0x6a7e
> (incorrect -> 0x7528), seq 527723804, ack 2759878465, win 26847, options
> [mss 8961,sackOK,TS val 156996593 ecr 2324983234,nop,wscale 7], length 0
> E..<..@.@..l.............tm...gA..h.j~....#....
> [....m.....
> ip-172-31-6-2.us-west-1.compute.internal.44230 >
> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [.], cksum 0x294e
> (correct), seq 1, ack 1, win 211, options [nop,nop,TS val 2324983234 ecr
> 156996593], length 0
> E..4.w@.@.?...............gA.tm.....)N.....
> ..m. [..
> 03:51:52.363391 IP (tos 0x0, ttl 64, id 36984, offset 0, flags [DF],
> proto TCP (6), length 52)
> ip-172-31-6-2.us-west-1.compute.internal.44230 >
> ip-172-31-12-15.us-west-1.compute.internal.1935: Flags [R.], cksum 0x294a
> (correct), seq 1, ack 1, win 211, options [nop,nop,TS val 2324983234 ecr
> 156996593], length 0
> E..4.x@.@.?...............gA.tm.....)J.....
> ..m. [..
>
> Let me know if i am missing anything here
>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/
LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-requ...@linuxvirtualserver.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
