August 27, 2010 at 6:40 pm #42610
I’ve been having some unexplainable issues with net balancer last few days (at least thats when i noticed I should say) My network is granted stupidly complex, so aside from the ZeroShell box which is the main gateway, I have 2 other routers, connecting to 2 more routers… yeah dont ask. the 2 routers both have ‘DMZ’ mode active to forward everything to the zeroshell box so I can control that there, that seems to work fine. The 2 hosts are both have a weight of 1 and in load balancing/failover mode, since I basically just set it up for quicker web browsing and such.
I noticed webbrowsing sometimes would just out right fail until I hit refresh a few times, but upon investigating the connections they seemed ok, but disabling either one would usually make the problem go away. Today I tried to access my zeroshell box remotely, via http and ssh. The connection basically was 50/50. I didnt have 1 successful ssh connection, but http would work on and off. It seemed like it was trying to ‘Net balance’ the incoming tcp connectionsand I dont quite understand how or why. I disabled one host in net balancer and now its working flawlessly. Can anyone help explain to me whats happening here?August 28, 2010 at 4:13 am #51011
seems to be a known bug. old post now, any new info? does seem it might not play nice with NAT. i thought a balancing rule of in eth00.2 out eth00.2 might do the trick but no help. is this a linux kernel bug i wonder?August 28, 2010 at 9:39 pm #51012
Yes it is a known bug, ZS is load balancing incoming connections and furthermore you can notice the Netbalancer malfunction when you browse https sites or http with authentication without cookies (like zeroshell forum). User Atheling has provided a temporary patch, which was not included in beta13, so you’ll have to add it as a patch in /Database and execute it with a preboot script.August 28, 2010 at 10:23 pm #51013
Ah ok, that is good to hear, I will have to try that patch out. I figured it was included at this point. I’ve never manually setup load balancing before so looking at it from the shell is still confusing to me. And yes definately about the problem with some websites. I was fully prepared to live with that, as I’ve done websites before that checked against IP, fortunately most sites now dont go that route. I had added a number of specific balancing rules to get around that.
I will install patch as soon as I get back, thanks for info!August 29, 2010 at 1:57 pm #51014
Excellent that has seemed to fix it! Thank you Atheling for making this patch 🙂
Only thing I had to do was manually add the 2 entries into the newly created NB_CT_PRE table, something with the ‘get interface from ip’ part of the script maybe didnt work, I will look into that. Net balancer wont let me set an interface (because its a vlan interface?) so I assume thats where it went wrong. Put in those 2 entries by hand and it seems smooth sailing now!
I did this remotely last night and the machine mysteriously did not come back online for about an hour, lol.
You must be logged in to reply to this topic.