Xen project Mailing List

[Xen-users] dom0 with ipvsadm to domU masquerade strange behavior

From: Michael Lang <michi+xen@xxxxxxxxxxxxxxxxxxxx>

Date: Mon, 02 Oct 2006 11:59:44 +0200

Delivery-date: Mon, 02 Oct 2006 03:05:14 -0700

List-id: Xen user discussion <xen-users.lists.xensource.com>

Hi, i've encountered a strange behavior of Xen 3.0.2 with dom0 setup to use ipvsadm to masquerade a Service to it's domU same machine. reproduce able with: (example service sendmail) setup in dom0: $ ipvsadm -A -t ${externalip}:25 -s wrr $ ipvsadm -a -t ${externalip}:25 -r ${internalip}:25 -m -w 1 trying to connect from outside looks like: $ telnet ${externalip} 25 Trying ${externalip}... Connected to ${externalreversefqdn} (${externalip}). Escape character is '^]'. ^]quit after getting "Escape character is '^]'." no response string shows up. doing a tcpdump, i can see the packet arrives but immediately a TCP Recent shows up. I've tested this with two different Machines (dom0) and the strangest thing i noticed that using a different machine for Service than domU works fine (so that domU isnt located on the same machine as dom0). Any suggestion how to fix this ? kind regards Michael Lang tcpdump: # tcpdump -nnNi any port 25 tcpdump: WARNING: Promiscuous mode not supported on the "any" device tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on any, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 11:56:03.901541 IP ${remoteip}.45156 > ${dom0serviceip}.25: S 3500878808:3500878808(0) win 5840 <mss 1460,sackOK,timestamp 297651832 0,nop,wscale 2> 11:56:03.901734 IP ${remoteip}.45156 > ${domUserviceip}.25: S 3500878808:3500878808(0) win 5840 <mss 1460,sackOK,timestamp 297651832 0,nop,wscale 2> 11:56:03.901760 IP ${remoteip}.45156 > ${domUserviceip}.25: S 3500878808:3500878808(0) win 5840 <mss 1460,sackOK,timestamp 297651832 0,nop,wscale 2> 11:56:03.903417 IP ${domUserviceip}.25 > ${remoteip}.45156: S 646178341:646178341(0) ack 3500878809 win 5792 <mss 1460,sackOK,timestamp 216071861 297651832,nop,wscale 2> 11:56:03.903417 IP ${domUserviceip}.25 > ${remoteip}.45156: S 646178341:646178341(0) ack 3500878809 win 5792 <mss 1460,sackOK,timestamp 216071861 297651832,nop,wscale 2> 11:56:03.903491 IP ${dom0serviceip}.25 > ${remoteip}.45156: S 646178341:646178341(0) ack 3500878809 win 5792 <mss 1460,sackOK,timestamp 216071861 297651832,nop,wscale 2> 11:56:03.905582 IP ${remoteip}.45156 > ${dom0serviceip}.25: . ack 1 win 1460 <nop,nop,timestamp 297651836 216071861> 11:56:03.905630 IP ${remoteip}.45156 > ${domUserviceip}.25: . ack 1 win 1460 <nop,nop,timestamp 297651836 216071861> 11:56:03.905638 IP ${remoteip}.45156 > ${domUserviceip}.25: . ack 1 win 1460 <nop,nop,timestamp 297651836 216071861> 11:56:03.935918 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071864 297651836> 11:56:03.935918 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071864 297651836> 11:56:03.936050 IP ${dom0serviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071864 297651836> 11:56:04.137015 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071885 297651836> 11:56:04.137015 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071885 297651836> 11:56:04.137173 IP ${dom0serviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071885 297651836> 11:56:04.556866 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071927 297651836> 11:56:04.556866 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071927 297651836> 11:56:04.556984 IP ${dom0serviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216071927 297651836> 11:56:05.397267 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216072011 297651836> 11:56:05.397267 IP ${domUserviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216072011 297651836> 11:56:05.397320 IP ${dom0serviceip}.25 > ${remoteip}.45156: P 1:95(94) ack 1 win 1448 <nop,nop,timestamp 216072011 297651836> 11:56:05.958753 IP ${remoteip}.45156 > ${dom0serviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297653890 216071861> 11:56:05.958808 IP ${remoteip}.45156 > ${domUserviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297653890 216071861> 11:56:06.162455 IP ${remoteip}.45156 > ${dom0serviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297654094 216071861> 11:56:06.162528 IP ${remoteip}.45156 > ${domUserviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297654094 216071861> 11:56:06.570379 IP ${remoteip}.45156 > ${dom0serviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297654502 216071861> 11:56:06.570442 IP ${remoteip}.45156 > ${domUserviceip}.25: F 1:1(0) ack 1 win 1460 <nop,nop,timestamp 297654502 216071861> -- Michael Lang <michi+xen@xxxxxxxxxxxxxxxxxxxx> _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.