Ipv6 packets that are natted get dropped due to Udp6InCsumErrors

Solution In Progress - Updated -

Issue

The architecture involves utilizing keepalived LVS in DR (Direct routing) mode to load balance UDP packets sent to the LVS VIP to 3 or more virtual servers (per packet round robin - lb_algo rr). We also apply a redirect rule in ip6tables to translate DST IP from VIP to RIP (Real IP).
The UDP packets (Radius) seem to get load balanced fine by LVS Server. When they arrive on the Real Server they are dropped and never arrive on the application.

The drops correlate to the following counters in 'nstat':

# nstat | grep Udp
Udp6InErrors                    10                 0.0
Udp6InCsumErrors                10                 0.0

Environment

  • Red Hat Enterprise Linux
    • 4.18.0-147.5.1.el8_1.x86_64
  • LVS
  • ipv6tables NAT rules
  • Openstack

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content