Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Linux Virtual Server: Users

[lvs-users] fwm w/ IPv6 enabled broken

  

 
Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded


johan-lvs at office

Sep 14, 2009, 2:36 AM

Post #1 of 4 (707 views)
Permalink
[lvs-users] fwm w/ IPv6 enabled broken
Hi,

It appears that fwm virtual services break when ipvs is built with IPv6
support enabled. I'm not sure if it's broken on all kernels (since 2.6.28, in
which IPv6 was seen first), or if it's just broken in 2.6.31.

Relevant kernel info:
Arch: amd64
Version: 2.6.31 (vanilla)
Kernel configuration:
-----------------------------
CONFIG_IP_VS=m
CONFIG_IP_VS_IPV6=y
# CONFIG_IP_VS_DEBUG is not set
CONFIG_IP_VS_TAB_BITS=16

#
# IPVS transport protocol load balancing support
#
CONFIG_IP_VS_PROTO_TCP=y
CONFIG_IP_VS_PROTO_UDP=y
CONFIG_IP_VS_PROTO_AH_ESP=y
CONFIG_IP_VS_PROTO_ESP=y
CONFIG_IP_VS_PROTO_AH=y

#
# IPVS scheduler
#
CONFIG_IP_VS_RR=m
CONFIG_IP_VS_WRR=m
CONFIG_IP_VS_LC=m
CONFIG_IP_VS_WLC=m
CONFIG_IP_VS_LBLC=m
CONFIG_IP_VS_LBLCR=m
CONFIG_IP_VS_DH=m
CONFIG_IP_VS_SH=m
CONFIG_IP_VS_SED=m
CONFIG_IP_VS_NQ=m

#
# IPVS application helper
#
CONFIG_IP_VS_FTP=m
-----------------------------

iptables configuration snippet:
iptables -t mangle -I PREROUTING -d <vip> -p tcp --set-mark <marknum>

ipvs configuration snippet:
-A -f <marknum> -s wlc -p 3600
-a -f <marknum> -r <real server>:0 -g -w 10


The same configuration works right if CONFIG_IP_VS_IPV6 is not set..

--
Johan Mulder
Cambrium BV.

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


horms at verge

Sep 14, 2009, 3:16 AM

Post #2 of 4 (658 views)
Permalink
Re: [lvs-users] fwm w/ IPv6 enabled broken [In reply to]
On Mon, Sep 14, 2009 at 11:36:00AM +0200, Johan Mulder wrote:
> Hi,
>
> It appears that fwm virtual services break when ipvs is built with IPv6
> support enabled. I'm not sure if it's broken on all kernels (since 2.6.28, in
> which IPv6 was seen first), or if it's just broken in 2.6.31.

Hi,

thanks for bringing this to my attention. I thought that fwm virtual
services had been fixed by "ipvs: Fix IPv4 FWMARK virtual services"[1]
which I believe went into v2.6.30. But clearly another piece of the puzzle
is missing :-(

[1] http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=be8be9eccbf2d908a7e56b3f7a71105cd88da06b

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


horms at verge

Sep 15, 2009, 1:17 AM

Post #3 of 4 (650 views)
Permalink
Re: [lvs-users] fwm w/ IPv6 enabled broken [In reply to]
On Mon, Sep 14, 2009 at 11:36:00AM +0200, Johan Mulder wrote:
> Hi,
>
> It appears that fwm virtual services break when ipvs is built with IPv6
> support enabled. I'm not sure if it's broken on all kernels (since 2.6.28, in
> which IPv6 was seen first), or if it's just broken in 2.6.31.

[snip]

> iptables configuration snippet:
> iptables -t mangle -I PREROUTING -d <vip> -p tcp --set-mark <marknum>
>
> ipvs configuration snippet:
> -A -f <marknum> -s wlc -p 3600
> -a -f <marknum> -r <real server>:0 -g -w 10

Hi,

I'm not having any luck reproducing this on 2.6.31. Before I probe any
further could you confirm that the iptables snippet should be as follows?

iptables -t mangle -I PREROUTING -d <vip> -p tcp -j MARK --set-mark <marknum>

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users


johan-lvs at office

Sep 15, 2009, 1:32 AM

Post #4 of 4 (649 views)
Permalink
Re: [lvs-users] fwm w/ IPv6 enabled broken [In reply to]
On Tuesday 15 September 2009 10:17:46 Simon Horman wrote:
> I'm not having any luck reproducing this on 2.6.31. Before I probe any
> further could you confirm that the iptables snippet should be as follows?
>
> iptables -t mangle -I PREROUTING -d <vip> -p tcp -j MARK --set-mark
> <marknum>

That's the one indeed. My apologies..

--
Johan Mulder
Cambrium BV.

_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users [at] LinuxVirtualServer
Send requests to lvs-users-request [at] LinuxVirtualServer
or go to http://lists.graemef.net/mailman/listinfo/lvs-users

Linux Virtual Server users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.