Online migration/keeping tcp connections [message #23714] |
Fri, 23 November 2007 09:37 |
dagr
Messages: 83 Registered: February 2006
|
Member |
|
|
I know that online migration can keep idle tcp connections. Ie if i connect to VE by ssh and do nothing , than after online migration session is still active, i can run commands , etc .
But it changes if data transmitted during migration .
Lets say if i do "scp VE:file1 file2". Or if i connect via ssh and do "vmstat 1" , then after migration it either looses connection or "vmstat 1" dies and ssh session still ok .Anyway transferring file always fails. (its valid both for vzmigrate tool and for my custom migration script)
I thought it could be fixed with iptables.
If i have running VE and do "vmstat 1" , then if i make smth like
"vzctl exec ve_test iptables -I OUTPUT -j DROP; iptables -I FORWARD -d ve_test_ip -j DROP" .(to block packets from inside and outside), "vmstat 1" hangs and when i undo this rules it resumes. Same with copiing file.
So i thought if i do migration with blocking packets before suspend and unblocking after resume (when all mess with changing arp/network interfaces ends) then migration will be absolutely transparent for both client and VE. Ie it will be the same as just blocking packets without migration . But it didnt help.
I will investigate further, anyway i wonder if you can tell me about possible reasons why this happens.
(vzctl-3.0.18-1,ovzkernel-PAE-2.6.18-8.1.15.el5.028stab047.1 )
|
|
|
|
Re: Online migration/keeping tcp connections [message #23763 is a reply to message #23727] |
Mon, 26 November 2007 09:02 |
dagr
Messages: 83 Registered: February 2006
|
Member |
|
|
Looks like there is a rule.
Online migration can only keep active connections (transferring file) - on 1 ve_ip per 1 interface. Because such actuve connections are kept only if VE_ip is always masqueraded to same VE_ip. Ie if there is VE with 2 external ips and there are 2 active copiing processes from both ip , then after migration 1 copiing will fail.
|
|
|