keepalived状态为SYN_RECV链接无法打开?

Submitted by wang on 周二, 2011-03-22 07:58

我参照http://www.keepalived.org/sery-lvs-cluster.pdf文档用2台虚拟机做实验,这2台机器同时也做apache的服务,目的是做apache的高可用负载均衡

主node1:192.168.83.211(安装软件ipvsadm、keepalived及apche)
备node2:192.168.83.212(安装软件ipvsadm、keepalived及apche)
VIP地址:192.168.83.200

我在机器192.168.83.50上用ie8打开VIP地址:192.168.83.200,无法打开,监控输出情况:
[root@node211 ~]# ipvsadm -lcn |grep 83.50
TCP 00:59 SYN_RECV 192.168.83.50:55404 192.168.83.200:80 192.168.83.212:80
TCP 01:00 SYN_RECV 192.168.83.50:55410 192.168.83.200:80 192.168.83.212:80
TCP 01:00 SYN_RECV 192.168.83.50:55400 192.168.83.200:80 192.168.83.212:80
TCP 01:00 SYN_RECV 192.168.83.50:55589 192.168.83.200:80 192.168.83.212:80

[root@node212 ~]# ipvsadm -lcn |grep 83.50
TCP 01:00 SYN_RECV 192.168.83.50:55410 192.168.83.200:80 192.168.83.211:80
TCP 01:00 SYN_RECV 192.168.83.50:55400 192.168.83.200:80 192.168.83.211:80
TCP 01:00 SYN_RECV 192.168.83.50:55589 192.168.83.200:80 192.168.83.211:80
TCP 01:00 SYN_RECV 192.168.83.50:55404 192.168.83.200:80 192.168.83.211:80

同时记录apache的访问情况,发现来至192.168.83.50的一个访问请求、两个apache都作出了响应:
node211上显示
192.168.83.50 - - [22/Mar/2011:15:39:26 +0800] "GET /icons/apache_pb2.gif HTTP/1.1" 304 - "http://192.168.83.200/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)"

node212上显示
192.168.83.50 - - [22/Mar/2011:15:39:34 +0800] "GET / HTTP/1.1" 403 3985 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)"

在正常情况下,来至192.168.83.50的一个访问请求、只会其中一个apache作出了响应,记录如下:
192.168.83.50 - - [22/Mar/2011:15:43:05 +0800] "GET / HTTP/1.1" 403 3985 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)"
192.168.83.50 - - [22/Mar/2011:15:43:05 +0800] "GET /icons/apache_pb2.gif HTTP/1.1" 304 - "http://192.168.83.200/" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.3)"

两台机器watch ipvsadm -ln 执行信息如下:
[root@node211 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.83.200:http wlc
-> node212:http Route 1 0 5
-> node211:http Local 1 0 0

[root@node212 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.83.200:http wlc
-> node212:http Local 1 0 0
-> node211:http Route 1 0 5

您知道这是什么原因吗?
mail:wang.hy8166@gmail.com

Forums: