WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Xen and LVS Direct Routing

To: "Dr A V Le Blanc" <A.V.LeBlanc@xxxxxxxxx>
Subject: Re: [Xen-users] Xen and LVS Direct Routing
From: "Jason Goodwin" <jason.m.goodwin@xxxxxxxxx>
Date: Fri, 17 Mar 2006 18:26:30 -0600
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 18 Mar 2006 00:27:49 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=j6C3I17AtJsukrBn4ClszgUBiEFFGBYjBoDycfK1OmDNEQqefU/QjqXCtY2e8adfOZ/yehiJ9nYGy215/5bsJgvySs7Irq5y5YCnfSB7LjBagEce8EcwIG1r0g6o9V9X1xcA+IL3A3iSXhAOxSIXyDpft04kMFtihG1zPYg9CxI=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20060317085439.GA557@xxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <20060317085439.GA557@xxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
I've been experimenting with LVS under domU servers (my first LVS experience actually). I had issues using LVS-NAT (TCP checksum errors for any client off of the Xen server, though it worked ok from dom0) so I switched to direct routing. It seems to work ok for me.

At the moment, I have two directors (failover using ultramonkey / heartbeat) that are both also the webservers. I've setup the real IP of each server on eth0. The VIP is also set on eth0 of whichever director is active. On the failover node, the VIP is added to the loopback address. This seems to work fine, no need for the dummy driver. The webserver in my case is listening on all IPs, not just the real. Not sure if I'll run things this way if I setup production servers, but it works for testing.

I set /etc/sysctl.conf entries of the following:

net.2ipv4.ip_forward = 1
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2

The arp_ignore and arp_announce take care of making sure that the failover server that has the VIP on it's loopback won't reply to arps for that IP.

root@lvs1# ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1300 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:41:51:c0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.16/24 brd 192.168.0.255 scope global eth0
    inet 192.168.0.46/24 brd 192.168.0.255 scope global secondary eth0

root@lvs2# ip addr
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.46/32 brd 255.255.255.255 scope global lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1300 qdisc pfifo_fast qlen 1000
    link/ether 00:16:3e:64:34:5e brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.17/24 brd 192.168.0.255 scope global eth0


--
Jason
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>