在应用过程中发现,一个群组中假如一台realserver的tunnel down了,ldirectord是检测不到的,假如这群组的realserver是运行apache服务,则一切还能正常,只是tunnel down的那台服务器的连接数会慢慢减少;但如果这群组的realserver运行的是squid的话,只要其中一台的tunnel down了,则整组lvs就失去了作用,新进来的连接会全往tunnel已经down了的那台服务器,状态全是SYN_RECV,不知道是什么原因。
wensong
周日, 2006-11-12 10:29
Permalink
在LVS/TUN集群中,realserver上没有必要设置点到点的tunnel隧道,只要将tunnel设备激活就可以。
renawang
周一, 2006-11-13 08:31
衡,所有的新连接都会送到那台tunnel设备down了的realserver。我的realserver的tunnel脚本是这样 [roo@init.d]# vi tunl0
#!/bin/sh
# chkconfig: 2345 70 10
# description: Config tunl port and apply arp patch
VIP=192.168.100.203 . /etc/rc.d/init.d/functions
case "$1" in
start)
echo "Tunl port starting"
ifconfig tunl0 $VIP netmask 255.255.255.255 broadcast $VIP up
echo 1 > /proc/sys/net/ipv4/ip_forward
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore /bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce /bin/echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore /bin/echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce /bin/echo "0" > /proc/sys/net/ipv4/conf/tunl0/rp_filter
;;
stop)
echo "Tunl port closing"
ifconfig tunl0 down
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore /bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
例如我有三台rs分别为192.168.100.120、192.168.100.125和100.128,现在我在100.125上运行tunl0 stop,在100.125上运行ifconfig [root@OP ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:20:ED:10:E7:46 inet addr:192.168.100.125 Bcast:192.168.100.255 Mask:255.255.255.0 inet6 addr: fe80::220:edff:fe10:e746/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1908 errors:0 dropped:0 overruns:0 frame:0 TX packets:736 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:200397 (195.7 KiB) TX bytes:64731 (63.2 KiB) tunnel没激活,但在高度器上运行ipvsadm -ln,显示的是125这台机器的weight值还是1 [root@backup ~]# ipvsadm -ln IP Virtual Server version 1.2.0 (size=1048576) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.100.203:80 wlc -> 192.168.100.128:80 Tunnel 1 0 0 -> 192.168.100.120:80 Tunnel 1 0 0 -> 192.168.100.125:80 Tunnel 1 0 0 这时候如果运行telnet 192.168.100.203 80,则显示 [root@backup ~]# ipvsadm -lnc IPVS connection entries pro expire state source virtual destination TCP 00:39 SYN_RECV 192.168.100.1:32779 192.168.100.203:80 192.168.100.125:80 TCP 00:42 SYN_RECV 192.168.100.1:32773 192.168.100.203:80 192.168.100.125:80 TCP 00:42 SYN_RECV 192.168.100.1:32782 192.168.100.203:80 192.168.100.125:80 TCP 00:30 SYN_RECV 192.168.100.1:32774 192.168.100.203:80 192.168.100.125:80 TCP 00:36 SYN_RECV 192.168.100.1:32777 192.168.100.203:80 192.168.100.125:80 TCP 00:40 SYN_RECV 192.168.100.1:32780 192.168.100.203:80 192.168.100.125:80 TCP 00:44 SYN_RECV 192.168.100.1:32783 192.168.100.203:80 192.168.100.125:80 TCP 00:33 SYN_RECV 192.168.100.1:32775 192.168.100.203:80 192.168.100.125:80 TCP 00:45 SYN_RECV 192.168.100.1:32784 192.168.100.203:80 192.168.100.125:80 TCP 00:37 SYN_RECV 192.168.100.1:32772 192.168.100.203:80 192.168.100.125:80 TCP 14:56 ESTABLISHED 192.168.100.1:32785 192.168.100.203:80 192.168.100.128:80 TCP 01:56 FIN_WAIT 192.168.100.1:32770 192.168.100.203:80 192.168.100.128:80 TCP 00:41 SYN_RECV 192.168.100.1:32781 192.168.100.203:80 192.168.100.125:80 TCP 14:11 ESTABLISHED 192.168.100.1:32771 192.168.100.203:80 192.168.100.120:80 TCP 00:35 SYN_RECV 192.168.100.1:32776 192.168.100.203:80 192.168.100.125:80 TCP 00:37 SYN_RECV 192.168.100.1:32778 192.168.100.203:80 192.168.100.125:80
There are currently 0 users online.
wensong
周日, 2006-11-12 10:29
Permalink
在LVS/TUN集群中,realser
在LVS/TUN集群中,realserver上没有必要设置点到点的tunnel隧道,只要将tunnel设备激活就可以。
renawang
周一, 2006-11-13 08:31
Permalink
我没有设置点到点的tunnel隧道,我说的就是设置一个tunnel设备,当这个tunnel设备down以后,整个lvs就失去了均
衡,所有的新连接都会送到那台tunnel设备down了的realserver。我的realserver的tunnel脚本是这样
[roo@init.d]# vi tunl0
#!/bin/sh
# chkconfig: 2345 70 10
# description: Config tunl port and apply arp patch
VIP=192.168.100.203
. /etc/rc.d/init.d/functions
case "$1" in
start)
echo "Tunl port starting"
ifconfig tunl0 $VIP netmask 255.255.255.255 broadcast $VIP up
echo 1 > /proc/sys/net/ipv4/ip_forward
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
/bin/echo "1" > /proc/sys/net/ipv4/conf/tunl0/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/tunl0/arp_announce
/bin/echo "0" > /proc/sys/net/ipv4/conf/tunl0/rp_filter
;;
stop)
echo "Tunl port closing"
ifconfig tunl0 down
echo 1 > /proc/sys/net/ipv4/ip_forward
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
/bin/echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
例如我有三台rs分别为192.168.100.120、192.168.100.125和100.128,现在我在100.125上运行tunl0 stop,在100.125上运行ifconfig
[root@OP ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:20:ED:10:E7:46
inet addr:192.168.100.125 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::220:edff:fe10:e746/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1908 errors:0 dropped:0 overruns:0 frame:0
TX packets:736 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:200397 (195.7 KiB) TX bytes:64731 (63.2 KiB)
tunnel没激活,但在高度器上运行ipvsadm -ln,显示的是125这台机器的weight值还是1
[root@backup ~]# ipvsadm -ln
IP Virtual Server version 1.2.0 (size=1048576)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.100.203:80 wlc
-> 192.168.100.128:80 Tunnel 1 0 0
-> 192.168.100.120:80 Tunnel 1 0 0
-> 192.168.100.125:80 Tunnel 1 0 0
这时候如果运行telnet 192.168.100.203 80,则显示
[root@backup ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 00:39 SYN_RECV 192.168.100.1:32779 192.168.100.203:80 192.168.100.125:80
TCP 00:42 SYN_RECV 192.168.100.1:32773 192.168.100.203:80 192.168.100.125:80
TCP 00:42 SYN_RECV 192.168.100.1:32782 192.168.100.203:80 192.168.100.125:80
TCP 00:30 SYN_RECV 192.168.100.1:32774 192.168.100.203:80 192.168.100.125:80
TCP 00:36 SYN_RECV 192.168.100.1:32777 192.168.100.203:80 192.168.100.125:80
TCP 00:40 SYN_RECV 192.168.100.1:32780 192.168.100.203:80 192.168.100.125:80
TCP 00:44 SYN_RECV 192.168.100.1:32783 192.168.100.203:80 192.168.100.125:80
TCP 00:33 SYN_RECV 192.168.100.1:32775 192.168.100.203:80 192.168.100.125:80
TCP 00:45 SYN_RECV 192.168.100.1:32784 192.168.100.203:80 192.168.100.125:80
TCP 00:37 SYN_RECV 192.168.100.1:32772 192.168.100.203:80 192.168.100.125:80
TCP 14:56 ESTABLISHED 192.168.100.1:32785 192.168.100.203:80 192.168.100.128:80
TCP 01:56 FIN_WAIT 192.168.100.1:32770 192.168.100.203:80 192.168.100.128:80
TCP 00:41 SYN_RECV 192.168.100.1:32781 192.168.100.203:80 192.168.100.125:80
TCP 14:11 ESTABLISHED 192.168.100.1:32771 192.168.100.203:80 192.168.100.120:80
TCP 00:35 SYN_RECV 192.168.100.1:32776 192.168.100.203:80 192.168.100.125:80
TCP 00:37 SYN_RECV 192.168.100.1:32778 192.168.100.203:80 192.168.100.125:80