[RHEL6] LVS failover not working with UDP packets. How to fix it?

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 6
  • Load Balance Add On

Issue

  • Ipvs is not recognizing when a UDP based service fail and is not performing failover. How to fix it?

Resolution

To work with UDP packets you need to include some special parameters in /etc/sysctl.conf and set ipvsadm timeouts, in order to get IPVS perform failover correctly to UDP based services.

1. Set ipvsadm timeout to 1 (or the value you need):

# ipvsadm --set <tcp> <tcpfin> <udp>  (see man ipvsadm for info)

 --set tcp tcpfin udp
              Change the timeout values used for IPVS connections. This command always takes 3 parameters,  representing  the  timeout  values (in seconds) for
              TCP sessions, TCP sessions after receiving a  FIN packet, and  UDP  packets, respectively.  A timeout value 0  means  that  the  current  timeout
              value of the  corresponding  entry  is preserved.

2. Edit /etc/sysctl.conf and set to 1 the following parameters:

net.ipv4.vs.expire_nodest_conn =1
net.ipv4.vs.expire_quiescent_template =1

Or do it executing 'echo 1' on the entries:

/proc/sys/net/ipv4/vs/expire_nodest_conn
/proc/sys/net/ipv4/vs/expire_quiescent_template

3. Perform a test sending request to the UDP service and check if all requests are being balanced. After that, set weight=0 to the UDP service and check if requests are redirect to the other real server.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.