[f-nsp] ServerIronXL apparently using DSR when none is configured.
Erik Enge
erik.enge at gmail.com
Sat Jun 30 22:59:19 EDT 2007
Hi,
I have two ServerIronXL's running 07.3.06T12 configured with multiple
VIPs and real servers. Behind one VIP I have two database servers,
this VIP is configured for DSR. While connecting to the VIP from a
third server, I experience occassional lost connections. I tracked
this down to the following:
1) server1 initiates DB connection/query to VIP
2) SI sends query to one of the real servers
3) Real server responds with VIP IP, ... multiple queries may take
place, all is well
4) until: SI issue Gratuitous ARPs for the VIP
5) Now server1 is confused and sends next packet not to the real
server, but SI which
promptly responds with a RST and at this point i lose my connection.
I hope that's not too convoluted. Anyway, I couldn't figure out a way
to stop that behavior, so I decided to remove the DSR configuration.
However, now I observe the following
1) server1 initiates DB connection/query to SI
2) SI sends query to one of the real servers
3) Real server responds to server1 with its IP
4) server1 sends RST packet to real server, game over.
I would be happy getting either of these scenarios to work properly.
I hope I provided enough detail, please let me know if I didn't.
My real servers are running Linux 2.6.11 and I had the loopback
devices correctly configured with the VIP in the first scenario, but
then removed this for the second scenario. I also tried a variation
of source/reverse NAT and sticky settings. I can't seem to get it to
stop the DSR behavior, what am I missing?
My problem seems oddly similar to this post:
http://puck.nether.net/pipermail/foundry-nsp/2004-January/000067.html
though I was unable to glean anything that helped me from that post.
Thanks,
Erik.
Virtual server definition:
server virtual db 1.2.3.4
sym-priority 5
predictor round-robin
port 3306
bind 3306 server2 3306 server3 3306
I use server ports, not sure if that matter:
server port 3306
tcp keepalive 2 2
udp
More information about the foundry-nsp
mailing list