双机做lvs集群时出现主副均衡器分配冲突的故障

大家好,我是新接触LVS菜鸟,在做lvs集群的时候出现了下面的问题。

我的环境
双机,每台机既是均衡器又是RealServer。

以下是我的IP:
VIP=192.168.0.21
RIP1=192.168.0.19
RIP2=192.168.0.20

使用ipvsadm-1.24.tar.gz + keepalived-1.1.19.tar.gz搭建环境。

两台机的lvs脚本都为 /etc/init.d/ipvsdr
#!/bin/bash
# description: start LVS of DirectorServer
#Written by :NetSeek http://www.linuxtone.org
GW=192.168.0.1
# website director vip.
SNS_VIP=192.168.0.21
SNS_RIP1=192.168.0.19
SNS_RIP2=192.168.0.20

. /etc/rc.d/init.d/functions
logger $0 called with $1
case "$1" in
start)
# set squid vip
/sbin/ipvsadm --set 30 5 60
/sbin/ifconfig lo:0 $SNS_VIP broadcast $SNS_VIP netmask 255.255.255.255 up
/sbin/route add -host $SNS_VIP dev lo:0
/sbin/ipvsadm -A -t $SNS_VIP:80 -s wlc -p 30
/sbin/ipvsadm -a -t $SNS_VIP:80 -r $SNS_RIP1:80 -g -w 10
/sbin/ipvsadm -a -t $SNS_VIP:80 -r $SNS_RIP2:80 -g -w 9
touch /var/lock/subsys/ipvsadm >/dev/null 2>&1
echo "1" >/proc/sys/net/ipv4/ip_forward
/sbin/ipvsadm -C
;;

stop)
/sbin/ipvsadm -C
/sbin/ipvsadm -Z
ifconfig lo:0 down
route del $SNS_VIP
rm -rf /var/lock/subsys/ipvsadm >/dev/null 2>&1
echo "ipvsadm stoped"
echo "0" >/proc/sys/net/ipv4/ip_forward
;;

status)
if [ ! -e /var/lock/subsys/ipvsadm ];then
echo "ipvsadm stoped"
exit 1
else
echo "ipvsadm OK"
fi
;;
*)

echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit 0

keepalived的配置文件为/etc/keeplived/keeplived.conf
! Configuration File for keepalived
global_defs {
notification_email {
yao@ap.com
}
notification_email_from yao@ap.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER #另外一台为BACKUP
interface eth0
virtual_router_id 50
priority 102 #另外一台为98
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.21
}
}
virtual_server 192.168.0.21 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.0.19 80 {
weight 1
TCP_CHECK {
nb_get_retry 3
delay_before_retry 3
connect_port 80
connect_timeout 10
}
}
real_server 192.168.0.20 80 {
weight 1
TCP_CHECK {
nb_get_retry 3
delay_before_retry 3
connect_port 80
connect_timeout 10
}
}
}

启动集群的是两台机分别运行/etc/init.d/ipvsdr start和/etc/init.d/keepalived start

但有时会出现客户端不能连接到主机的错误,使用ipvsadm -lcn查看的时候发现如下,两台服务器在“打皮球”。

[root@lvs1 ~]# ipvsadm -lcn
IPVS connection entries
pro expire state source virtual destination
TCP 01:00 SYN_RECV 192.168.0.25:1302 192.168.0.21:80 192.168.0.20:80
TCP 00:48 NONE 192.168.0.25:0 192.168.0.21:80 192.168.0.20:80

[root@lvs2 ~]# ipvsadm -lcn
IPVS connection entries
pro expire state source virtual destination
TCP 01:00 SYN_RECV 192.168.0.25:1302 192.168.0.21:80 192.168.0.19:80
TCP 00:48 NONE 192.168.0.25:0 192.168.0.21:80 192.168.0.19:80

我用ipvsadm -C可以暂时的解决问题,但不久之后又会出现这个问题,我认为这样集群有问题,但不知道哪里出错了,百思不得其解,求大家帮我看看。

Forums:

现在的情况是只要客户端的一次请求分布在两台上,铁定都显示state为SYN_RECV,那么必定连接不到主机了,怎么回事啊?
为什么一次请求会分布在两台服务器上呢,正常情况下应该在一台上啊.

randomness