Difference between revisions of "ARP Issues in LVS/DR and LVS/TUN Clusters"
m |
(→Problems) |
||
Line 2: | Line 2: | ||
In the [[LVS/DR]] and [[LVS/TUN]] clusters, we can see that the [[VIP]] address is shared by [[load balancer]] and all [[real server]]s. In order to make the [[LVS/DR]] and [[LVS/TUN]] clusters work, [[load balancer]] should broadcast the [[VIP]] address to accept incoming packets for virtual service, the [[real server]]s only use the [[VIP]] address to process the packets for [[VIP]] locally. | In the [[LVS/DR]] and [[LVS/TUN]] clusters, we can see that the [[VIP]] address is shared by [[load balancer]] and all [[real server]]s. In order to make the [[LVS/DR]] and [[LVS/TUN]] clusters work, [[load balancer]] should broadcast the [[VIP]] address to accept incoming packets for virtual service, the [[real server]]s only use the [[VIP]] address to process the packets for [[VIP]] locally. | ||
+ | |||
+ | The ARP problem arises when real servers have one of their interfaces connected to the network that [[LVS/DR]] and [[LVS/TUN]] [[load balancer]] receives packets for [[VIP]]. For example, a [[LVS/DR]] or [[LVS/TUN]] cluster of the following topology needs to disable ARP for [[VIP]] address at real servers. | ||
+ | |||
+ | [[Image:Cluster-need-disable-arp-for-VIP-at-realservers.png|center]] | ||
+ | |||
+ | If we did not disable ARP for [[VIP]] address at real servers, there would be race condition in ARP response, then router might send requests for VIP to real servers directly instead of the load balancer. This would break the whole load balancing solution. | ||
== Solutions == | == Solutions == |
Revision as of 15:53, 8 September 2006
Problems
In the LVS/DR and LVS/TUN clusters, we can see that the VIP address is shared by load balancer and all real servers. In order to make the LVS/DR and LVS/TUN clusters work, load balancer should broadcast the VIP address to accept incoming packets for virtual service, the real servers only use the VIP address to process the packets for VIP locally.
The ARP problem arises when real servers have one of their interfaces connected to the network that LVS/DR and LVS/TUN load balancer receives packets for VIP. For example, a LVS/DR or LVS/TUN cluster of the following topology needs to disable ARP for VIP address at real servers.
If we did not disable ARP for VIP address at real servers, there would be race condition in ARP response, then router might send requests for VIP to real servers directly instead of the load balancer. This would break the whole load balancing solution.
Solutions
- arptables
- The arp_announce/arp_ignore approach
- The hidden patch
- The redirect approach
- The policy routing approach
- The noarp module