ipvs+keepalived最鬼异问题,vs/dr模式,数据包已经转发给rs了,但rs无法返回数据包给请求者。

vs/dr模式,数据包已经转发给rs了,但rs无法返回数据包给请求者。

VIP:192.168.8.105
keepalived-1:192.168.8.101
keepalived-2:192.168.8.102
realserver:192.168.8.103
realserver:192.168.8.104

[root@rac1 etc]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddressort Scheduler Flags
-> RemoteAddressort Forward Weight ActiveConn InActConn
TCP 192.168.8.105:http rr
-> 192.168.8.104:http Route 3 4 0
-> 192.168.8.103:http Route 3 11 0

MASTER:
! Configuration File for keepalived
global_defs {
notification_email {
lixiqing2008@163.com
}
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.105/24
}
}
virtual_server 192.168.8.105 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 192.168.8.103 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.8.104 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

BACKUP:

! Configuration File for keepalived
global_defs {
notification_email {
lixiqing2008@163.com
}
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.105
}
}
virtual_server 192.168.8.105 80 {
delay_loop 6
lb_algo rr
lb_kind DR
#persistence_timeout 50
protocol TCP
real_server 192.168.8.103 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.8.104 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#已识别两realserver
[root@rac1 etc]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddressort Scheduler Flags
-> RemoteAddressort Forward Weight ActiveConn InActConn
TCP 192.168.8.105:http rr
-> 192.168.8.104:http Route 3 4 0
-> 192.168.8.103:http Route 3 11 0

#数据包已转发
ro expire state source virtual destination
TCP 12:13 ESTABLISHED 192.168.8.100:18914 192.168.8.105:80 192.168.8.104:80
TCP 14:30 ESTABLISHED 192.168.8.100:19092 192.168.8.105:80 192.168.8.104:80
TCP 12:01 ESTABLISHED 192.168.8.100:18904 192.168.8.105:80 192.168.8.103:80

客户机:telnet 192.168.8.105 80 可通
浏览器访问:http://192.168.8.103 OK!!
浏览器访问:http://192.168.8.104 OK !!

浏览器访问:http://192.168.8.105 不行????

why ????????????????

Forums:

同这兄弟一样的问题
http://zh.linuxvirtualserver.org/node/2537#comment-101664

抑制arp:
#!/bin/sh
VIP="192.168.8.105"
. /etc/init.d/functions
case "$1" in
start)
/sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
# /sbin/route add -host $VIP dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/default/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/default/arp_announce
sysctl -p > /dev/null 2>&1
echo "realserver is ok "
;;

stop)
/sbin/ifconfig lo:0 down
# /sbin/route del -host $VIP
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/eth0/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/eth0/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/default/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/default/arp_announce
echo "realserver stoppped"
;;

*)
echo "Usage: $0 {start|stop}"
exit 1
esac

randomness