用tunnel做lvs群时遇到问题(有的通,有的不通),请章博士帮忙分析

环境:
三台机器均为Centos4.4

拓朴结构:
LVS Server:
真实IP:61.129.251.193
虚拟IP:61.129.251.195

RealServers:
机器A:61.147.119.195
机器B:61.147.119.196

机器C:220.170.88.210
机器D:220.170.88.217

机器A B C D上均执行了以下脚本:
ifconfig tunl0 61.129.251.195 netmask 255.255.255.255 broadcast 61.129.251.195
route add -host 61.129.251.195 dev tunl0
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

现在遇到的问题:
访问VIP(61.129.251.195)时,被分配到机器C D时正常,被分配到机器A B时不正常(连接不上)。
在LVS Server上用tcpdump host 61.147.119.195抓包结果:
10:39:54.991917 IP 61.129.251.193 > 61.147.119.195: IP 218.1.120.227.42479 > 61.129.251.195.http: S 648349697:648349697(0) win 5840 (ipip-proto-4)
10:39:56.248549 IP 61.129.251.193 > 61.147.119.195: IP 218.1.120.227.42480 > 61.129.251.195.http: S 645163388:645163388(0) win 5840 (ipip-proto-4)
10:39:59.251469 IP 61.129.251.193 > 61.147.119.195: IP 218.1.120.227.42480 > 61.129.251.195.http: S 645163388:645163388(0) win 5840 (ipip-proto-4)
(不停地出)

在机器A(61.147.119.195)上用tcpdump host 61.129.251.193抓不到任何新建连接请求,但是可以抓到LVS Server上ldirectord进程monitor的请求。
在LVS Server上用telnet/wget可以访问机器A B。

在LVS Server上ipvsadm -l结果如下:
IP Virtual Server version 1.2.0 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 61.129.251.195:http rr persistent 1200
-> 61.147.119.196:http Tunnel 1 0 0
-> 61.147.119.195:http Tunnel 1 0 1
-> 220.170.88.217:http Tunnel 1 0 0
-> 220.170.88.210:http Tunnel 1 0 0

请章博士帮助分析该问题原因,或者需要再提供什么数据?

Forums:

我想可能需要查一下为什么61.129.251.193已经发出IPIP报文给61.147.119.195,而机器61.147.119.195没有收到报文?看在61.147.119.195上tcpdump抓报文的网卡对不对?

randomness