LVS/TUN三台机器尝试在公网上做均衡,一台rs无法正常工作,总是SYN_RECV状态,请教!

ls ip: 72.11.150.198
rs1 ip: 61.142.80.78
rs2 ip: 61.147.124.212

ls上运行如下指令:
ifconfig eth0:0 72.11.150.198 netmask 255.255.255.255 broadcast 72.11.150.198 up
route add -host 72.11.150.198 dev eth0:0
echo "0" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/all/send_redirects
echo "1" > /proc/sys/net/ipv4/conf/default/send_redirects
echo "1" > /proc/sys/net/ipv4/conf/eth0/send_redirects
sysctl -p
ipvsadm -C
ipvsadm -A -t 72.11.150.198:80 -s wlc
ipvsadm -a -t 72.11.150.198:80 -r 61.147.124.212:80 -i -w 1
ipvsadm -a -t 72.11.150.198:80 -r 61.142.80.78:80 -i -w 1

rs1,rs2上运行如下指令:
ifconfig tunl0 down
ifconfig tunl0 up
ifconfig tunl0 72.11.150.198 broadcast 72.11.150.198 netmask 255.255.255.255 up
route add -host 72.11.150.198 dev tunl0
echo "0" >/proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/rp_filter
echo "0" > /proc/sys/net/ipv4/conf/tunl0/rp_filter

rs1上显示:
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 72.11.150.198.static.quadran wlc
-> 61.142.80.78:http Tunnel 1 0 0
-> 61.147.124.212:http Tunnel 1 0 0

打开网页刷新72.11.150.198后,页面不正常,如下列表:
查看ls服务器可以看到61.142.80.78总是处在SYN_RECV状态,不能进入ESTABLISHED状态。把这台主机删除,访问很正常.

pro expire state source virtual destination
TCP 00:57 SYN_RECV 218.77.119.5:13016 72.11.150.198:http 61.142.80.78:http
TCP 00:58 SYN_RECV 218.77.119.5:12414 72.11.150.198:http 61.142.80.78:http
TCP 00:57 SYN_RECV 218.77.119.5:12871 72.11.150.198:http 61.142.80.78:http
TCP 00:57 SYN_RECV 218.77.119.5:13183 72.11.150.198:http 61.142.80.78:http
TCP 14:59 ESTABLISHED 218.77.119.5:13131 72.11.150.198:http 61.147.124.212:http
TCP 00:57 SYN_RECV 218.77.119.5:13048 72.11.150.198:http 61.142.80.78:http
TCP 00:36 SYN_RECV 218.77.119.5:14026 72.11.150.198:http 61.142.80.78:http

不知道如何才能调试61.142.80.78这台机器?问题是出在机器本身?还是服务商的机房路由上?tcpdump该如何设置才能查看61.142.80.78为什么停在SYN_RECV状态上?

在网上搜索,看到这些
http://bbs.linuxtone.org/thread-5978-1-1.html
http://zh.linuxvirtualserver.org/node/225
也有类似的问题,但无结果

抓包结果:

ls上对不正常机器发送的结果
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:32:33.919491 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.12379 > 72.11.150.198.http: S 3012294522:3012294522(0) win 64240 (ipip-proto-4)
16:32:34.188458 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.13555 > 72.11.150.198.http: S 2780978615:2780978615(0) win 64240 (ipip-proto-4)
16:32:34.258358 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.13590 > 72.11.150.198.http: S 483913450:483913450(0) win 64240 (ipip-proto-4)
16:32:36.971361 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.12379 > 72.11.150.198.http: S 3012294522:3012294522(0) win 64240 (ipip-proto-4)
16:32:42.918654 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.12379 > 72.11.150.198.http: S 3012294522:3012294522(0) win 64240 (ipip-proto-4)
16:32:55.328239 IP 72.11.150.146 > 61.142.80.78: IP 218.77.119.50.12395 > 72.11.150.198.http: S 677764303:677764303(0) win 64240 (ipip-proto-4)

ls上对正常机器发送的结果
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
16:33:02.389355 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198.http: P 1686600781:1686601367(586) ack 3026848119 win 64240 (ipip-proto-4)
16:33:02.754744 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198.http: . ack 2921 win 64240 (ipip-proto-4)
16:33:02.922897 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198.http: . ack 4381 win 64240 (ipip-proto-4)
16:33:02.933060 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198.http: . ack 7301 win 64240 (ipip-proto-4)
16:33:03.102533 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198..http: . ack 10221 win 64240 (ipip-proto-4)
16:33:03.112313 IP 72.11.150.146 > 61.147.124.212: IP 218.77.119.50.13553 > 72.11.150.198.http: . ack 11681 win 64240 (ipip-proto-4)

不正常的机器上面抓包如下
14:21:38.766239 IP 72.11.150.198.http > 218.77.119.50.12352: S 3837576963:3837576963(0) ack 3257648491 win 5840
14:21:39.405514 IP 72.11.150.198.http > 218.77.119.50.12352: S 3837576963:3837576963(0) ack 3257648491 win 5840
14:21:40.805001 IP 72.11.150.198.http > 218.77.119.50.12408: S 3765285300:3765285300(0) ack 3321138147 win 5840
14:21:42.604351 IP 72.11.150.198.http > 218.77.119.50.13730: S 3804237178:3804237178(0) ack 3127499302 win 5840
14:21:45.404328 IP 72.11.150.198.http > 218.77.119.50.13969: S 3815601955:3815601955(0) ack 4007466391 win 5840

正常机器上面抓包如下
13:53:08.125177 IP 72.11.150.198.http > 218.77.119.50.12574: . 148111:149571(1460) ack 45243 win 64974
13:53:08.125181 IP 72.11.150.198.http > 218.77.119.50.12574: . 149571:151031(1460) ack 45243 win 64974
13:53:08.125184 IP 72.11.150.198.http > 218.77.119.50.12574: . 151031:152491(1460) ack 45243 win 64974
13:53:08.301539 IP 72.11.150.198.http > 218.77.119.50.12574: . 152491:153951(1460) ack 45243 win 64974
13:53:08.301544 IP 72.11.150.198.http > 218.77.119.50.12574: . 153951:155411(1460) ack 45243 win 64974
13:53:08.301783 IP 72.11.150.198.http > 218.77.119.50.12574: . 155411:156871(1460) ack 45243 win 64974
13:53:08.407367 IP 72.11.150.198.http > 218.77.119.50.12574: . 156871:158331(1460) ack 45243 win 64974
13:53:08.478640 IP 72.11.150.198.http > 218.77.119.50.12574: P 158331:158437(106) ack 45243 win 64974

Forums:

怎么解决的能贴一下步骤吗?