2

I have two load balancer with Debian 8 and three Graylog server with Debian 9.

Every server in my network sends logs via rsyslog to a virtual server configured on the LB. The connection is UDP.

The problem is that the packets are not balanced. (all connections goes on the first real server on the list)

In case of failover the packets are correctly sent to the others real servers.

The only way I found to re-balance the connection is to remove all real server from the LB and the restart keepalived service.

I already tied to set:

ipvsadm --set 0 0 1
Timeout (tcp tcpfin udp): 900 120 1

I already set these two variables:

echo 1 > /proc/sys/net/ipv4/vs/expire_nodest_conn
echo 1 > /proc/sys/net/ipv4/vs/expire_quiescent_template

IPVS is configure as follow:

vrrp_instance logserver {
    state MASTER
    interface eth0
    virtual_router_id 195
    priority 200
    advert_int 1
    authentication {
        auth_type keepalived
        auth_pass xxxxxx
    }
    virtual_ipaddress {
        10.20.20.195/22
    }
}


virtual_server 10.20.20.195 0 {
    delay_loop 60
    protocol UDP
    lb_algo wrr
    lb_kind DR
    persistence_timeout 30

    real_server 10.20.20.196 0 {
        weight 100
        MISC_CHECK {
                connect_timeout 3
                misc_path "/etc/keepalived/checkgraylog 10.20.20.196"
        }
    }

    real_server 10.20.20.197 0 {
       weight 100
        MISC_CHECK {
                connect_timeout 3
                misc_path "/etc/keepalived/checkgraylog 10.20.20.197"
        }
    }

    real_server 10.20.20.198 0 {
       weight 100
        MISC_CHECK {
                connect_timeout 3
                misc_path "/etc/keepalived/checkgraylog 10.20.20.198"
        }    } }

Is there a way to effective balance UDP connection with Direct Routing? Thank you

ottagono
  • 31
  • 3
  • Sounds like this may be configured as a high availability cluster with failover. Can you fail the first server and see if the logs start going to the second? If so, it lends weight to what I've said. I know nothing about IPVS so I can't give you an actual answer. – Jeter-work Aug 10 '18 at 14:33
  • You're using weighted round robin but all the weights are equal? Just go with plain old round robin then. Or maybe least connections. – Michael Hampton Aug 10 '18 at 14:36

1 Answers1

1
virtual_server 10.20.20.195 12333 {
    delay_loop 60
    protocol UDP
    lb_algo wrr
    lb_kind DR
    ops # <<< - Try this. Works for me (Ubuntu 18.04, Keepalived v1.3.9, ipvsadm v1.28) 

    real_server 10.20.20.196 12333 {

Option ops for me works only if either:

  • Virtual server port is explicitly defined.
  • fwmark is used together with in virtual_server definition.

Does not work for virtual_server_IP 0 form - in that case ipvsadm -Ln shows that persistent option is used as well.

ArtemM
  • 11
  • 2