Steve Thompson
2013-01-18 20:14:12 UTC
Keepalived 1.2.6, CentOS 6, LVS-DR.
I have two identical directors implemented as KVM virtual machines (using
a bridged network setup), one KVM host being CentOS 5.8 and the other 6.3,
with both VM's running 6.3. The configurations are identical (for sure)
except for MASTER/BACKUP and the priority. There are about half a dozen
services, and all of them work without problems, except for SMTP. There
are currently 3 realservers. I'd like to upgrade the CentOS 5.8 KVM host
to 6.3, but cannot until I can resolve the problem stated below.
The SMTP service works without problems when the VIP is presented by the
MASTER server; I can send a 25-50MB message from any client in a couple of
seconds (eg using alpine or tbird on any OS). If I shut down keepalived on
the master host, the VIP's fail over to the backup server as expected, but
now any connections from the clients to the SMTP service fail (the
connection disconnects after about two minutes) *if* the client is sending
an e-mail above a few MB in size (for small messages it continues to work
OK); the real servers are not changed. If the realservers are addressed
directly by the SMTP clients, everything works well for all sizes of mail
messages for all realservers for all clients.
Since I cannot find anything wrong with the configuration of the directors
or the realservers, I'd appreciate it if anyone could give me a clue as to
where to look to resolve this issue. I'm beginning to suspect the KVM
bridge setup (I'm using rp_filter=2 on 6.3), since a former incarnation on
physical machines, using the same configuration, worked flawlessly.
vrrp_instance SMTP {
state MASTER|BACKUP
priority 100|50
interface eth0
virtual_router_id 204
advert_int 1
smtp_alert
notify_master "/usr/local/keepalived/etc/keepalived/notify_master.sh SMTP"
notify_backup "/usr/local/keepalived/etc/keepalived/notify_backup.sh SMTP"
notify /usr/local/keepalived/etc/keepalived/notify.sh
authentication {
auth_type PASS
auth_pass xxxxxxxx
}
virtual_ipaddress {
192.168.0.20/22 brd 192.168.3.255 scope global dev eth0
}
}
virtual_server 192.168.0.20 25 {
delay_loop 30
lb_algo wlc
lb_kind DR
protocol TCP
real_server 192.168.0.11 25 {
weight 100
SMTP_CHECK {
connect_port 25
connect_timeout 15
}
}
...more real_servers...
}
...similar virtual server for same IP, port 587...
Steve
I have two identical directors implemented as KVM virtual machines (using
a bridged network setup), one KVM host being CentOS 5.8 and the other 6.3,
with both VM's running 6.3. The configurations are identical (for sure)
except for MASTER/BACKUP and the priority. There are about half a dozen
services, and all of them work without problems, except for SMTP. There
are currently 3 realservers. I'd like to upgrade the CentOS 5.8 KVM host
to 6.3, but cannot until I can resolve the problem stated below.
The SMTP service works without problems when the VIP is presented by the
MASTER server; I can send a 25-50MB message from any client in a couple of
seconds (eg using alpine or tbird on any OS). If I shut down keepalived on
the master host, the VIP's fail over to the backup server as expected, but
now any connections from the clients to the SMTP service fail (the
connection disconnects after about two minutes) *if* the client is sending
an e-mail above a few MB in size (for small messages it continues to work
OK); the real servers are not changed. If the realservers are addressed
directly by the SMTP clients, everything works well for all sizes of mail
messages for all realservers for all clients.
Since I cannot find anything wrong with the configuration of the directors
or the realservers, I'd appreciate it if anyone could give me a clue as to
where to look to resolve this issue. I'm beginning to suspect the KVM
bridge setup (I'm using rp_filter=2 on 6.3), since a former incarnation on
physical machines, using the same configuration, worked flawlessly.
vrrp_instance SMTP {
state MASTER|BACKUP
priority 100|50
interface eth0
virtual_router_id 204
advert_int 1
smtp_alert
notify_master "/usr/local/keepalived/etc/keepalived/notify_master.sh SMTP"
notify_backup "/usr/local/keepalived/etc/keepalived/notify_backup.sh SMTP"
notify /usr/local/keepalived/etc/keepalived/notify.sh
authentication {
auth_type PASS
auth_pass xxxxxxxx
}
virtual_ipaddress {
192.168.0.20/22 brd 192.168.3.255 scope global dev eth0
}
}
virtual_server 192.168.0.20 25 {
delay_loop 30
lb_algo wlc
lb_kind DR
protocol TCP
real_server 192.168.0.11 25 {
weight 100
SMTP_CHECK {
connect_port 25
connect_timeout 15
}
}
...more real_servers...
}
...similar virtual server for same IP, port 587...
Steve