LVS-HOWTO

Table of Contents

1. LVS: Introduction

1.1. Thanks

1.2. About the HOWTO

1.3. Nomenclature/Abbreviations

1.4. Minimal knowledge required

1.5. Getting Technical Help

1.6. After you've Got Technical Help

1.7. Mailing list: subscribing, unsubscribing, searching

1.8. Mailing list: posting to

1.9. Bug Fixes

1.10. Other load balancing solutions, GPL, opensource and commercial

1.11. Books on LVS

1.12. LVS in the news

1.13. Software/Information/HOWTOs useful/related to LVS

2. What is an LVS? Can I use an LVS?

2.1. What is a VIP?

2.2. Where do you use an LVS?

2.3. Client/Server relationship is preserved in an LVS

2.4. LVS director is an L4 switch

2.5. LVS forwards packets to realservers

2.6. LVS runs on Linux and FreeBSD directors

2.7. Code for LVS is different for each kernel series

2.8. kernels from 2.4.x series are SMP for kernel code

2.9. OS for realservers

2.10. LVS works on ethernet

2.11. LVS works on IPv6

2.12. LVS is continually being developed

2.13. LVS is 64 bit

2.14. Other documentation

2.15. LVS is not simple to install, get going or keep running

2.16. LVS Control (Failure, Thundering Herd, Sorry Servers)

3. LVS: Install, Configure, Setup

3.1. Installing from Source Code

3.2. Ultra Monkey

3.3. Keepalived

3.4. Alternate hardware: Soekris (and embedded hardware)

3.5. LVS on a CD: Malcolm Turnbull's ISO files

4. LVS: Ipvsadm and Schedulers

4.1. Using ipvsadm

4.2. Memory Requirements

4.3. sysctl documentation

4.4. Compile a version of ipvsadm that matches your ipvs

4.5. put realservers in /etc/hosts

4.6. RR and LC schedulers

4.7. Netmask for VIP

4.8. LBLC, DH schedulers

4.9. LVS with mark tracking: fwmark patches for multiple firewalls/gateways

4.10. SH scheduler

4.11. What is an ActiveConn/InActConn (Active/Inactive) connnection?

4.12. FAQ: ipvsadm shows entries in InActConn, but none in ActiveConn, connection hangs. What's wrong?

4.13. FAQ: initial connection is delayed, but once connected everything is fine. What's wrong?

4.14. unbalanced realservers: does rr and lc weighting equally distribute the load? - clients reusing ports

4.15. Changing weights with ipvsadm

4.16. Dynamically changing realserver weights

4.17. feedbackd

4.18. lvs-kiss

4.19. connection threshold

4.20. Flushing connection table

4.21. Thundering herd problem, Slow start code for realserver(s) coming on line

4.22. Handling kernel version dependant files e.g. System.map and ipvsadm

4.23. Limiting number of clients connecting to LVS

4.24. Who is connecting to my LVS?

4.25. experimental scheduling code

4.26. Ratz's primer on writing your own scheduler

4.27. Julian's One Packet Scheduler (for UDP)

4.28. changing ip_vs behaviour with sysctl flags in /proc

4.29. Counters in ipvsadm

4.30. Exact Counters

4.31. Scheduling TCP/UDP/SCTP/TCP splicing/

4.32. patch: machine readable error codes from ipvsadm

4.33. patch: stateless ipsvadm - add/edit patch

4.34. patch: fwmark name-number translation table

4.35. ip_vs_conn.pl

4.36. Luca's php monitoring script

4.37. ipvsadm set option

4.38. ipvsadm error messages

5. LVS-NAT

5.1. Introduction

5.2. LVS-NAT bugs

5.3. Example 1-NIC, 2 Network LVS-NAT (VIP and RIPs on different network)

5.4. All packets sent from the LVS-NAT realserver to the client must go through the LVS-NAT director

5.5. Run the configure script

5.6. Setting up demasquerading on the director; 2.4.x and 2.2.x

5.7. rewriting, re-mapping, translating ports with LVS-NAT

5.8. masquerade timeouts

5.9. Julian's step-by-step check of a L4 LVS-NAT setup

5.10. How LVS-NAT works

5.11. In LVS-NAT, how do packets get back to the client, or how does the director choose the VIP as the source_address for the outgoing packets?

5.12. One Network LVS-NAT

5.13. re-mapping ports, rewriting is slow for 2.0, 2.2 kernels

5.14. Two instances of demon running on realserver

5.15. Performance of LVS-NAT

5.16. Various debugging techniques for routes

5.17. Connecting directly from the client to a service:port on an LVS-NAT realserver

5.18. Masquerading clients on LVS-NAT realservers to the outside world

5.19. Realserver as client in LVS-NAT

5.20. A NAT router has no connections

5.21. Thoughts on extending NAT

5.22. Postings from the mailing list

5.23. LVS-NAT source routing patch (Brownfield, Sawari and Black)

5.24. LVS-NAT FTP Recipe

5.25. LVS-NAT vhosts with apache

5.26. F5 style SNAT

6. LVS: The ARP Problem

6.1. The problem

6.2. Put the VIP on the realservers lo device

6.3. The Cure(s)

6.4. The Cure: 2.0 kernels - nothing needed

6.5. The Cure: 2.2.x kernels - many options

6.6. The Cure: 2.4.x kernels - arp_ignore/arp_announce

6.7. The Cure: 2.6.x kernels - arp_ignore/arp_announce

6.8. arptables

6.9. The arp problem is on the realserver's VIP not the RIP

6.10. Testing an interface for replies to arp requests

6.11. Normal machines, Solaris

6.12. problems with switches

6.13. The ARP problem, the first inklings

6.14. A posting to the mailinglist by Peter Kese explaining the "arp problem"

6.15. arp bouncing

6.16. Lar's Method

6.17. Static Routing to Director

6.18. iproute2 arp on|off flag

6.19. Is the arp behaviour of 2.2.x kernel a bug?

6.20. The device doesn't reply to arp requests, the kernel does.

6.21. Properties of devices for the VIP

6.22. Topologies for LVS-DR and LVS-Tun LVS's

6.23. Why do all devices broadcast the arp replies

6.24. A discussion about the arp problem

6.25. ATM/ethernet and router problems

6.26. Same IP on multiple NICs

7. LVS-DR

7.1. LVS-DR example

7.2. How LVS-DR works

7.3. Handling the arp problem for LVS-DR

7.4. LVS-DR scales well

7.5. LVS-DR director as default gw for realservers, transparent proxy and Julian's martian and forward_shared patches

7.6. Accepting packets on LVS-DR director by fwmarks

7.7. security concerns: default gw(s) and routing with LVS-DR/LVS-Tun

7.8. routing to realserver from director

7.9. LVS-DR, LVS-Tun need rp_filter=0

7.10. Director as client in LVS-DR

7.11. Realserver as client in LVS-DR

7.12. from the mailing list

7.13. rewriting, re-mapping, translating ports with LVS-DR

8. LVS-Tun

8.1. LVS-Tun Intro

8.2. LVS-Tun example setup

8.3. You need a tunl0 device

8.4. the ARP problem with LVS-Tun

8.5. Reply packets appear to be spoofed

8.6. How LVS-Tun works

8.7. The RIP (not the tunl device) receives the ipip packet

8.8. Configure LVS-Tun

8.9. set rp_filter correctly

8.10. FreeBSD realservers with LVS-Tun

8.11. Windows realservers with LVS-Tun

8.12. Realservers without ipip encapsulation

8.13. packets bigger than MTU need fragmentation

8.14. MTU: early signs of problems

8.15. tunl mtu solved: Setting the MTU by MSS with iptables on the realserver

8.16. Setting the MTU by route

8.17. rewriting, re-mapping, translating ports with LVS-Tun

9. LVS: LocalNode

9.1. Two Box LVS

9.2. Testing LocalNode

9.3. Localnode on the backup director

9.4. rewriting, re-mapping, translating ports with Localnode

9.5. One Box LVS

10. LVS: You can't map (or rewrite) ports with LVS-DR, LVS-Tun or localnode (but you can with iptables)

10.1. You can't rewrite ports with localnode (but you can with iptables)

10.2. rewriting, re-mapping, translating ports with iptables in LVS-DR

10.3. can't port map with LVS

11. LVS: Clients on Realservers

11.1. always NAT out clients through VIP

11.2. Masquerading clients on realservers to the outside world (SNAT)

11.3. Masquerading clients on LVS-NAT realservers

11.4. Masquerading clients on LVS-DR realservers

11.5. Masquerading clients on LVS-Tun realservers

11.6. Masquerading clients through the VIP on the director

11.7. 3-Tier LVS

11.8. Routes needed for 3-Tier LVS

11.9. Setting up routes using iptables and iproute2

11.10. from the mailing list

11.11. What is authd/identd?

11.12. authd/identd and other 3-Tier clients

11.13. symptoms of the identd problem

11.14. comp.os.linux.security FAQ on identd

11.15. Russ Nelson on identd

11.16. Why identd is a problem for LVS

11.17. tcpdumps of connections delayed by identd

11.18. There are solutions to identd problem in some cases

11.19. Turn off tcpwrappers

11.20. Identd and smtp/pop/qmail

12. LVS-J: Ludo's reinJect Forwarder: using the director as a gateway to load balance connections to the internet

12.1. Introduction

12.2. reinJect setup with ipvsadm

12.3. The target LVS: sending packets with dst_addr=0/0 to ip_vs

12.4. setting up LVS-J forwarding

12.5. SNAT'ing the output

12.6. LVS-J discussion by Ludo

13. LVS: Services: general, setup, debugging new services

13.1. Single port services are simple

13.2. setting up a (new) service

13.3. services must be setup for forwarding type

13.4. Realservers present the same content: Synchronising (filesharing) content and config files, backing up realservers

13.5. cfengine for synchronising files

13.6. File Systems for (really big) Clusters: Lustre, Panasas

13.7. File Systems for Clusters: Samba waits for a commit and is slow, NFS fills buffers and is fast

13.8. Discussion on distributed filesystems

13.9. load balancing and scheduling based on the content of the packet: Cookies, URL, file requested, session headers

13.10. Idle timeouts for TCP/UDP connections to services

13.11. name resolution on realservers: running name resolution friendly demons on realservers

13.12. Debugging new services

13.13. "broken" services:servlets and j2ee

13.14. http logs, error logs

14. LVS: Services: single-port

14.1. ftp, tcp 21

14.2. ssh, sftp, scp, tcp 22

14.3. telnet, tcp 23

14.4. smtp, tcp 25; pop3, tcp 110; imap tcp/udp 143 (imap2), 220(imap3). Also sendmail, qmail, postfix, and mailfarms.

14.5. Mail Farms

14.6. dns, tcp/udp 53 (and dhcpd server 67, dhcp client 68)

14.7. http name and IP-based (with LVS-DR or LVS-Tun), tcp 80

14.8. http with LVS-NAT

14.9. httpd is stateless and normally closes connections

14.10. netscape/database/tcpip persistence (keepalives)

14.11. dynamically generated images on web pages

14.12. http: sanity checks, shutting down, indexing programs, htpasswd, apache proxy and reverse proxy to look at URL, mod_backhand

14.13. HTTP 1.0 and 1.1 requests

14.14. Large HTTP /POST with LVS-Tun

14.15. Microsoft http clients and servers violate the RFC for TCP/IP

14.16. http keepalive - effect on InActConn

14.17. Testing http with apachebench (ab)

14.18. Apache setup for DoS

14.19. squids, tcp 80, 3128

14.20. authd/identd, tcp 113 and tcpwrappers (tcpd)

14.21. ntp, udp 123

14.22. https, tcp 443

14.23. name based virtual hosts for https

14.24. Obtaining certificates for https

14.25. Self made certificates

14.26. SSL Accelerators and Load Balancers

14.27. r commands; rsh, rcpi (and their ssh replacements), tcp 514

14.28. lpd, tcp 515

14.29. Databases

14.30. Databases: mysql

14.31. Using Zope with databases

14.32. Databases: Microsoft SQL server, tcp 1433

14.33. Databases: Oracle

14.34. nfs, udp 2049 (and possible replacements for nfs)

15. LVS: Services: multi-port

15.1. Introduction

15.2. ftp general, active tcp 20,21; passive 21,high_port

15.3. ftp helper modules: ip_vs_ftp/ip_masq_ftp

15.4. ftp (active) - the classic command line ftp

15.5. ftp (passive)

15.6. ftp helper bug(s)

15.7. ftp is difficult to secure

15.8. ftps (ssl based ftp), tcp 21, 22?

15.9. dns, tcp/udp 53 (and dhcpd server 67, dhcp client 68)

15.10. samba, udp 137, udp 138, tcp 139, tcp 445

15.11. xdmcp, X-window, udp 177 (xdmcp), tcp 6000 (and ssh X-forwarding)

15.12. r commands; rsh, rcp, and their ssh replacements, tcp 513 (,514) and another connection

15.13. Streaming Media: RealNetworks, Quicktime, Windows Media Server, tcp/udp 554 (and other ports)

15.14. Radius, udp 1645,1646

16. LVS: Services that we haven't got to work with LVS yet

16.1. SIP (Session Initiation Protocol)

16.2. Kerberos

16.3. ldap

16.4. RMI

17. LVS: Routing and packet delivery to a director without a VIP (for fwmark and transparent proxy)

17.1. Introduction

17.2. Routing to and accepting packets by a VIP-less director

17.3. Routing to the MAC address of the director

17.4. Julian's iproute2 solutions

17.5. Ludos LVS target in iptables

17.6. Transparent proxy Q and A

17.7. Other tricks

18. LVS: Fwmarks (firewall marks)

18.1. Introduction

18.2. ipvsadm syntax for fwmark

18.3. setting up routing and packet delivery to the director

18.4. single-port service: telnet with fwmarks

18.5. Grouping services: single group, active ftp(20,21)

18.6. Grouping services: two groups, active ftp(20,21) and e-commerce(80,443)

18.7. passive ftp

18.8. fwmark with LVS-NAT

18.9. collisions between fwmark and VIP rules

18.10. persistence granularity with fwmark

18.11. fwmark allows LVS-DR director to be default gw for realservers

18.12. fwmark simplifies configuration for large numbers of addresses

18.13. Example: firewall farm

18.14. Example: LVS'ing a CIDR block

18.15. Example: forwarding based on client source IP

18.16. Example: load balancing multiple class C networks

18.17. Example: proxy server

18.18. Example: transparent web cache

18.19. Example: Multiply-connected router

18.20. httpd clients (browsers)

18.21. Example: dynamically generated images in webpages

18.22. Example: Balancing many IPs/services as one block

18.23. Example: Source controlled LVS - services and realserver customised by Client IP

18.24. Appendix 1: Specificiations for grouping of services with fwmarks

18.25. Appendix 2: Demonstration of grouping services with fwmarks

18.26. Appendix 3: Announcement of grouping services with fwmarks

18.27. fwmark examples from the mailing list

19. LVS: Transparent proxy (TP or Horms' method)

19.1. setting up routing and packet delivery to the director

19.2. General

19.3. How you use TP

19.4. The original 2.2 TP setup method

19.5. Transparent proxy for 2.4.x (and presumably 2.6.x)

19.6. Experiments showing that 2.4TP is different to 2.2TP

19.7. What IP TP packets arriving on?

19.8. Take home lesson for setting up TP on realservers

19.9. Handling identd requests from 2.4.x LVS-DR realservers using TP

19.10. Performance of Transparent Proxy

19.11. The difference between REDIRECT and TPROXY

20. LVS: Transparent Bridging

21. LVS: Persistent Connection (Persistence, Affinity in cisco-speak)

21.1. LVS persistence

21.2. Single Session

21.3. Scheduling looks different under persistence

21.4. Persistent and regular (non-persistent) services together on the same realserver.

21.5. Tracing connections: where will the client connect next?

21.6. Bringing down persistent services.

21.7. Forcing a break in a persistent connection: Horms code (Nov 2004) for quiescing persistent connections

21.8. what if a realserver holding a persistent (sticky) connection crashes

21.9. Load Balancing time constant is longer with persistence

21.10. The tcp NONE flag

21.11. Resetting the persistence timeout counter (persistence behaviour for short timeout values)

21.12. Why you don't want persistence for your e-commerce site: why you should rewrite your application

21.13. more about e-commerce sites: we used to think memory was the problem - it isn't

21.14. persistence with windows realservers

21.15. IIS session management: how it works

21.16. messing with the ipvsadm table while your LVS is running

21.17. Persistence for multiport services

21.18. Proxy services, e.g. AOL

21.19. key exchanges (SSL)

21.20. About longer timeouts

21.21. passive ftp and persistence

21.22. The Persistence Template (about port 0)

21.23. persistent clients behind a proxy or nat box

21.24. Rogue clients hidden by persistence

21.25. Long (1 day) persistence to windows terminal servers

22. LVS: Running a firewall on the director: Interaction between LVS and netfilter (iptables).

22.1. Introduction

22.2. Path of an ip_vs controlled packet

22.3. how to filter with netfilter

22.4. ipvs_nfct, netfilter connection tracking for ipvs

22.5. LVS-NAT netfilter conntrack example with ftp

22.6. tcpdump is LVS compatible

22.7. Writing Filter Rules

22.8. The Antefacto Netfilter Connection Tracking patches

22.9. The design of LVS as a netfilter module, pt1

22.10. The design of LVS for Netfilter and Linux 2.4, pt2

22.11. Example ip_tables filter scripts

22.12. performance hit on director with iptables/netfilter

23. LVS: Cluster friendly versions of applications that need to maintain state

23.1. rewriting your application/service

23.2. Session Data, maintaining state in a cluster, from Andreas Koening

23.3. Maintaining state with persistence

23.4. How others maintain state

24. LVS: Squid Realservers (poor man's L7 switch)

24.1. Terminology

24.2. Preview

24.3. Let's start assembling

24.4. One squid

24.5. Another squid

24.6. Combining pieces with LVS

24.7. Problems

25. LVS: Performance and Kernel Tuning

25.1. Performance Articles

25.2. Estimating throughput: 100Mbps FE is really 8000packets/sec ethernet

25.3. Jumbo frames

25.4. Network Latency

25.5. Mixture of 100Mbps and GigE ethernet

25.6. NICs and Switches, 100Mbps (FE) and 1Gbps (GigE)

25.7. NIC bonding

25.8. NIC problems - eepro100

25.9. NIC problems - tulip

25.10. dual/quad ethernet cards, IRQ sharing problems

25.11. Flakey Switch

25.12. performance testing tools

25.13. Max number of realservers

25.14. FAQ: What is the minimum hardware requirements for a director

25.15. FAQ: How fast/big should my director be?

25.16. SMP doesn't help

25.17. Performance Hints from the Squid people

25.18. Conntrack, effect on throughput

25.19. Don't use the preemptible/preemptable/preemptive kernels

25.20. 9.6Gbps served using LVS-DR with gridftp

26. LVS: Monitoring

26.1. CPU usage/load level on the director?

26.2. LVS throughput at the director with ipvsadm

26.3. Monitoring: LVS director throughput statistics from the /proc system (originally /proc/net/ip_vs_stats)

26.4. MRTG family: Intro

26.5. MRTG family: LVSGSP

26.6. MRTG

26.7. MRTG family: RRDtool

26.8. MRTG family: cacti

26.9. MRTG family: Ganglia (incl. INSTALL)

26.10. MRTG family: rrd images

26.11. Nagios

26.12. MIB/SNMP

26.13. home brew MIB/SNMP

26.14. Disks

26.15. Other output GUIs

27. LVS: Details of LVS operation, Security, DoS

27.1. Top 20 security vunerabilities

27.2. Top 75 security tools from the people at nmap

27.3. Network Testing with Abberant Packets

27.4. Do I need security, really?

27.5. What to do after a break-in, prevention strategies

27.6. More about syncookies

27.7. Can filter rules stop the intruder hopping to other machines?

27.8. Where filter rules act

27.9. /proc filesystem flags for ipv4, e.g.rp_filter

27.10. tcp timeout values, don't change them (at least yet)

27.11. /proc file system settings for LVS: security and private copies of tcp timeouts for LVS connections (you can change these)

27.12. timeouts the same for all services

27.13. Director Connection Hash Table

27.14. Hash table connection timeouts

27.15. Hash Table DoS

27.16. Hash table size, director will crash when it runs out of memory.

27.17. The LVS code does not swap

27.18. Other factors determining the number of connections

27.19. Port range: limitations, expanding port range on directors

27.20. Director does not have any ports (connections) open for an LVS connection

27.21. apps starved for ports

27.22. realserver running out of ports

27.23. Maximum number of NICs

27.24. DoS

27.25. DoS, from the mailing list

27.26. Testing DoS Strategies with testlvs: Creating large numbers of InActConn

27.27. Debugging LVS

27.28. realserver content: filesystem or database? (the many reader, single writer problem)

27.29. Developement: Supporting IPSec on LVS

28. LVS: ICMP

28.1. MTU discovery and ICMP handling

28.2. LVS code only needs to handle icmp redirects for LVS-NAT and not for LVS-DR and LVS-Tun

28.3. ICMP checksum errors

28.4. ICMP Timeouts

28.5. PMTUD (path MTU discovery)

28.6. icmp responses aren't generated by VIP-less directors

29. LVS: High Availability, Failover protection

29.1. Introduction

29.2. Single Point of Failure (SPOF) - you can't protect against everything

29.3. Stateful Failover

29.4. Director failure

29.5. UltraMonkey and Linux-HA

29.6. Keepalived and Vrrpd

29.7. monitoring/failover messages should stay internal to LVS

29.8. Parsing problems with vrrpd config file

29.9. Two instances of vrrpd

29.10. HA MySQL

29.11. Failover of large numbers (say 1024) of VIPs

29.12. Some vrrpd setup instructions

29.13. Filter rules for vrrpd broadcasts

29.14. Vinnie's comparison between ldirectord/heartbeat and keepalived/vrrpd

29.15. Saru: All directors active at the same time

29.16. Server Load Balancing Registration Protocol

29.17. using iproute2 to keep demons running during failover, while link is down

30. LVS: Dynamic Routing, multiple gateways, realservers in multiple LVSs, dead gateway detection

30.1. Setting up multiple gateways: Realservers shared between two LVSs: ip route append

30.2. Connecting from clients through multiple parallel links: the dead gateway problem

30.3. Dynamic Routing to handle loss of routing in directors

30.4. Dynamic routing with gated: An LVS that connects to the outside world through two networks

30.5. flapping stemming from convergence time for spanning tree

31. LVS: Server State Sync Demon, syncd (saving the director's connection state on failover)

31.1. Intro

31.2. Release Notice

31.3. Expiry of Connection in Backup Director

31.4. LVS and syncd do not use conntrack

31.5. Connection Synchronisation (TCP Fail-Over)

31.6. The synchd produces broadcast traffic

31.7. from the mailing list

31.8. Bug (fixed) in syncd: mixed endianness on directors

32. LVS: Realserver failure handled by Mon

32.1. Introduction

32.2. ethernet NIC failure, and channel bonding

32.3. Service/realserver failout: mon, ldirectord

32.4. Mon for server/service failout

32.5. Monitoring the service running on the VIP on the realserver from the director

32.6. About Mon

32.7. Mon Install

32.8. Mon Configure

32.9. Testing mon without LVS

32.10. Can virtualserver.alert send commands to LVS?

32.11. Running mon with LVS

32.12. Why is the LVS monitored for failures/load by an external agent rather than by the kernel?

32.13. Running multiple directors (each with their own IP)

32.14. Mon scripts from Christopher DeMarco

33. LVS: Setting up Linux-HA for directors (mostly by using rpms)

33.1. linux-ha howto

33.2. Fix the (possible) ethernet alias issue.

33.3. Configure /etc/ha.d/. files.

33.4. Stop ldirectord from starting, ensure heartbeat starts on reboot

33.5. starting heartbeat and verifying functionality

33.6. Test your fail-over features, understand HA.

33.7. Configuration of mon - recommended

34. LVS: Director failover using heartbeat

34.1. Introduction

34.2. On using serial and ethernet connections for heartbeat

34.3. Ard van Breeman's replacement for IPaddr using ip and arping

35. LVS: Running LVS under UML (User Mode Linux), by Brett Elliot

35.1. Introduction

35.2. Ethernet bridging

35.3. Putting it all together: UML + LVS examples (not finished)

36. LVS: Newer networking tools: Policy Routing

36.1. Introduction

36.2. Policy Routing and ifconfig

36.3. Various debugging techniques for routes

36.4. checking source routed packets

36.5. handling arp problem with iproute2

36.6. ip commands you mightn't know about

36.7. Ratz's corrections on common iproute2 missconceptions

36.8. Ratz's wrappers (for iproute2)

37. LVS: Weird hardware (and software)

37.1. Arp caching defeats Heartbeat switchover

37.2. Weird Software I: IE client

37.3. Weird Hardware I: cisco catalyst routers gratuitously cache arp data (failover is slow)

37.4. Weird Hardware II: autonegotiation failure on cisco CSS 11050

37.5. Weird Hardware III: Watchguard firewall at client site

37.6. Weird Hardware IV: wrong device gets MAC address

37.7. Weird Hardware V: SonicWAll firewall rewriting sequence numbers

37.8. Weird Hardware VI: cisco 2924XL switch

37.9. Weird Hardware VII: unknown switches don't defragment

38. LVS: Misc/FAQ/Wisdom from the mailing list

38.1. Having one director handling multiple LVS sites, Multiple VIPs

38.2. Setting up a fake service on the realserver with inetd

38.3. How to bring down a realserver for maintenance (eg swap disks)

38.4. temporarily removing a realserver from view of keepalived

38.5. Howto turn your single node ftp/http server into an LVS without taking it off-line

38.6. shutdown of LVS

38.7. Other projects like LVS - Beowulf

38.8. Projects like LVS - Eddie

38.9. Recommendations for a redundant file system, RAID

38.10. on the need for extended testing

38.11. Bringing down aliased devices

38.12. Multiple IPs on the Director

38.13. Testimonials

38.14. Transport Layer Security(TLS)

38.15. Setting up a hot spare server

38.16. An LVS of LVSs

38.17. LVS on a Linux/IBM mainframe

38.18. Running a test LVS (director, backup director and realservers) on one box (UML, VMWare)

38.19. VMWare problems with ntp

38.20. mqseries

38.21. LVS log files

38.22. LVS and linux vlan

38.23. multi-home, multi-router LVS

38.24. Horror story, mostly from slow file system with disk intensive application

38.25. RTNETLINK answers:

38.26. LVS chokes on 600+ connections

39. LVS: L7 Switching

39.1. Introduction

39.2. KTCPVS

39.3. DRWS

39.4. Alexandre's (unamed) L7 code

39.5. from the mailing list about L7 switching

39.6. What is TCPSP?

40. LVS: Geographically distributed load balancing

40.1. Super Sparrow

40.2. sharing/separate routers

40.3. Other uses of BGP4 with LVS

40.4. Geographically remote nodes connected by Bridging

40.5. Load Balancing by DNS (round robin DNS)

40.6. BIND, BGP with load balancing (more ideas from Horms)

40.7. Commercial Geographically Distributed Servers

40.8. from the mailing list

41. LVS: Linux Distributions prepatched with LVS, Unsupported LVS addons

41.1. Distributions prepatched with LVS

41.2. PB's Nutshell HOWTO for Piranha/LVS-NAT

41.3. Horms advice for installing on RedHat systems

41.4. Recipe and LVS binaries for RedHat from Alex Kramarov

41.5. recipes for installing with RedHat from the mailing list

41.6. Hidden RPMs

42. LVS: Useful things that have no other place

42.1. Ramdisk

42.2. cscope

42.3. Neutral currents in multiphase power lines with non-linear loads (like computers with switching power supplies)

42.4. netcat/phatcat

43. LVS: FAQ

43.1. When will LVS be ported to Solaris, xxxBSD...?

43.2. Is there a HOWTO in Japanese, French, Italian, Mandarin...?