LVS Fwmarks sync

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


We need to add 443 port to the same servers those already serving port 80.
Decided to use Fwmarks to have persistence per real rather than per vip and
to minimize virtual servers count.


Linux Kernel

iptables -t mangle -A PREROUTING -d VIP -i bond0 -p tcp -m multiport
--dports 80,443 -j MARK --set-mark 1

ipvsadm -A -f 1 -s wlc -p 1800
-a -f 1 -r -i -w 100
-a -f 1 -r -i -w 100
-a -f 1 -r 1.1.X.X:0 -i -w 100
(320 servers total)

# ipvsadm -l --daemon
master sync daemon (mcast=eth3, syncid=1) backup sync daemon (mcast=eth3,

We encountered with the following issues with connections synchronization:
1. There is no ActiveConn and  InActConn connections on Backup node, only
2. System CPU utilization on Backup node (ipvs_backup process) is raised
from 40 % (TCP VIP) to 80 % (Fwmark) on singe cpu core0. But sync traffic is
not changed.

Can someone explain why this is happening?
Is it possible to reduce load on Backup node or is it possible to distribute
load on multiple processor cores?

Best regards,

To unsubscribe from this list: send the line "unsubscribe lvs-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at

[Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]    [Yosemite Photos]    [Free Online Dating]     [Linux Kernel]     [Linux SCSI]     [XFree86]

Add to Google Powered by Linux