To set up an LVS/Tun mode cluster, we must configure, on each real server, an IP tunneling network interface with the cluster Virtual IP (VIP) on it, and also handle the following two issues:
- Disable source validation (rp_filter) on the IP tunneling interface.
- Inhibit ARP responses for VIP on the LAN interface in case the real server is in the same broadcast domain as is the load balancer.
In the following tutorial, we'll configure Ubuntu 14.04 as a real server for an LVS/Tun cluster.
1. Set the following kernel parameters in /etc/sysctl.conf:
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
and reload sysctl settings:
$ sudo sysctl -p
2. Add the following configuration to /etc/network/interfaces:
auto tunl0
iface tunl0 inet static
    address <Virtual IP>
    netmask 255.255.255.255
    up sysctl net.ipv4.conf.tunl0.rp_filter=0
and bring up the tunl0 device by typing:
$ sudo ifup tunl0
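To confirm that the settings from steps 1 and 2 actually took effect, the following added example (not part of the original tutorial) audits the effective values. It relies on the kernel rule, documented in ip-sysctl.txt, that the maximum of conf/all and conf/<interface> is used for rp_filter, arp_ignore and arp_announce. The function names and the SYSCTL_ROOT variable are assumptions introduced here.

```sh
#!/bin/sh
# Audit the real-server sysctls from steps 1 and 2 (added example).
# SYSCTL_ROOT is an assumption added so the check can run against a
# constructed directory tree; it defaults to the live /proc/sys.
# Usage on the real server: audit_real_server eth0 tunl0

# Print net.ipv4.conf.<iface>.<key>; non-zero status if it does not exist.
conf_value() {
    cat "${SYSCTL_ROOT:-/proc/sys}/net/ipv4/conf/$1/$2" 2>/dev/null
}

# The kernel applies max(conf/all, conf/<iface>) for rp_filter, arp_ignore
# and arp_announce, so a per-interface 0 is overridden by a non-zero "all".
effective() {
    all=$(conf_value all "$2") || return 1
    dev=$(conf_value "$1" "$2") || return 1
    if [ "$all" -gt "$dev" ]; then echo "$all"; else echo "$dev"; fi
}

# audit_real_server LAN_IF TUN_IF
# Returns 0 only when every effective value matches the tutorial.
audit_real_server() {
    lan=$1
    tun=$2
    rc=0
    # Source validation must be off on the tunnel interface.
    v=$(effective "$tun" rp_filter) || v=missing
    [ "$v" = 0 ] || { echo "FAIL rp_filter on $tun is $v, want 0"; rc=1; }
    # The LAN interface must not answer ARP for the VIP held on the tunnel.
    v=$(effective "$lan" arp_ignore) || v=missing
    case $v in
        [1-8]) ;;
        *) echo "FAIL arp_ignore on $lan is $v, want >= 1"; rc=1 ;;
    esac
    # The VIP must not be used as the source address of ARP requests.
    v=$(effective "$lan" arp_announce) || v=missing
    [ "$v" = 2 ] || { echo "FAIL arp_announce on $lan is $v, want 2"; rc=1; }
    return $rc
}
```

A "missing" result for tunl0 means the interface does not exist yet, so run the audit after `ifup tunl0`.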