Hi,
I have an IPVS direct routing Load Ballancer VM (LB) which works only when the target Backend VM (e.g. B1) is on the same cluster node.
If LB is on different node than Backend (B1), TCP connection between Client (CL) and Backend (B1) can not be established.
When I turn off Datacenter/Cluster firewall off it works across nodes too.
I suppose ebtables might be the cause but don't know how to deal with this.
Is there a way I can use proxmox firewall and have working IPVS with direct routing mode at the same time?
With several Backend VMs it obviously doesn't make sense to have them all on one node.
Thank you anybody for some help/insight.
I have an IPVS direct routing Load Ballancer VM (LB) which works only when the target Backend VM (e.g. B1) is on the same cluster node.
If LB is on different node than Backend (B1), TCP connection between Client (CL) and Backend (B1) can not be established.
Code:
CL sends SYN packet to LB and LB passes it to B1.
B1 sends SYN-ACK to CL.
CL responds to LB with ACK, but this packet never arrives to LB.When I turn off Datacenter/Cluster firewall off it works across nodes too.
I suppose ebtables might be the cause but don't know how to deal with this.
Is there a way I can use proxmox firewall and have working IPVS with direct routing mode at the same time?
With several Backend VMs it obviously doesn't make sense to have them all on one node.
Thank you anybody for some help/insight.