什么软件能检测lvs/tun模式下的realserver的tunnel的健康

Submitted by renawang on 周五, 2006-11-03 02:31

在应用过程中发现,一个群组中假如一台realserver的tunnel down了,ldirectord是检测不到的,假如这群组的realserver是运行apache服务,则一切还能正常,只是tunnel down的那台服务器的连接数会慢慢减少;但如果这群组的realserver运行的是squid的话,只要其中一台的tunnel down了,则整组lvs就失去了作用,新进来的连接会全往tunnel已经down了的那台服务器,状态全是SYN_RECV,不知道是什么原因。

Forums:

wensong

周日, 2006-11-12 10:29

在LVS/TUN集群中,realserver上没有必要设置点到点的tunnel隧道,只要将tunnel设备激活就可以。

renawang

周一, 2006-11-13 08:31

衡,所有的新连接都会送到那台tunnel设备down了的realserver。我的realserver的tunnel脚本是这样
[roo@init.d]# vi tunl0

#!/bin/sh

# chkconfig: 2345 70 10

# description: Config tunl port and apply arp patch

VIP=192.168.100.203
. /etc/rc.d/init.d/functions

case "$1" in

start)

echo "Tunl port starting"

ifconfig tunl0 $VIP netmask 255.255.255.255 broadcast $VIP up

echo 1 > /proc/sys/net/ipv4/ip_forward

/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
/bin/echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
/bin/echo "0" > /proc/sys/net/ipv4/conf/tunl0/rp_filter

;;

stop)

echo "Tunl port closing"

ifconfig tunl0 down

echo 1 > /proc/sys/net/ipv4/ip_forward

/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

例如我有三台rs分别为192.168.100.120、192.168.100.125和100.128,现在我在100.125上运行tunl0 stop,在100.125上运行ifconfig
[root@OP ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:20:ED:10:E7:46
inet addr:192.168.100.125 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::220:edff:fe10:e746/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1908 errors:0 dropped:0 overruns:0 frame:0
TX packets:736 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:200397 (195.7 KiB) TX bytes:64731 (63.2 KiB)
tunnel没激活,但在高度器上运行ipvsadm -ln,显示的是125这台机器的weight值还是1
[root@backup ~]# ipvsadm -ln
IP Virtual Server version 1.2.0 (size=1048576)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.100.203:80 wlc
-> 192.168.100.128:80 Tunnel 1 0 0
-> 192.168.100.120:80 Tunnel 1 0 0
-> 192.168.100.125:80 Tunnel 1 0 0
这时候如果运行telnet 192.168.100.203 80,则显示
[root@backup ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 00:39 SYN_RECV 192.168.100.1:32779 192.168.100.203:80 192.168.100.125:80
TCP 00:42 SYN_RECV 192.168.100.1:32773 192.168.100.203:80 192.168.100.125:80
TCP 00:42 SYN_RECV 192.168.100.1:32782 192.168.100.203:80 192.168.100.125:80
TCP 00:30 SYN_RECV 192.168.100.1:32774 192.168.100.203:80 192.168.100.125:80
TCP 00:36 SYN_RECV 192.168.100.1:32777 192.168.100.203:80 192.168.100.125:80
TCP 00:40 SYN_RECV 192.168.100.1:32780 192.168.100.203:80 192.168.100.125:80
TCP 00:44 SYN_RECV 192.168.100.1:32783 192.168.100.203:80 192.168.100.125:80
TCP 00:33 SYN_RECV 192.168.100.1:32775 192.168.100.203:80 192.168.100.125:80
TCP 00:45 SYN_RECV 192.168.100.1:32784 192.168.100.203:80 192.168.100.125:80
TCP 00:37 SYN_RECV 192.168.100.1:32772 192.168.100.203:80 192.168.100.125:80
TCP 14:56 ESTABLISHED 192.168.100.1:32785 192.168.100.203:80 192.168.100.128:80
TCP 01:56 FIN_WAIT 192.168.100.1:32770 192.168.100.203:80 192.168.100.128:80
TCP 00:41 SYN_RECV 192.168.100.1:32781 192.168.100.203:80 192.168.100.125:80
TCP 14:11 ESTABLISHED 192.168.100.1:32771 192.168.100.203:80 192.168.100.120:80
TCP 00:35 SYN_RECV 192.168.100.1:32776 192.168.100.203:80 192.168.100.125:80
TCP 00:37 SYN_RECV 192.168.100.1:32778 192.168.100.203:80 192.168.100.125:80

randomness