[SSI-devel] Re: Finalizing OpenSSI 1.9.0 for Debian
Brought to you by:
brucewalker,
rogertsang
From: John B. <joh...@hp...> - 2005-04-19 23:48:43
|
Brian J. Watson wrote: <...snipped...> > > 2) Bruce and John discovered a problem with LVS and the new sshd. > Apparently, the new sshd attempts to listen in some kind of IPV6 mode, > which doesn't work well with LVS. The result is that ssh connections > aren't load balanced, even though the ssh port is registed with LVS. Can > you look into this and work on a fix? > > John will send a follow-up to this e-mail with more details. Bruce actually did all the finding. "netstat -l" will show listening sockets with "tcp6" and udp6". I believe this means that socket() is being called with the PF_INET6 domain. The two tcp6 services I see on our system are www and ssh. The easy workaround for ssh is to modify /etc/default/ssh to add "-4" to the options; a quick search has not shown me a way to fix apache2, but I hope there is one. If possible, we'd like you to add your listen/bind hooks to ipv6. Since ipv6 simply calls inet_listen, it looks like this might "just work". (At least for things that are really ipv4.) If this doesn't work, then we'll need to document the problems or fix them during the install. John <...snipped..> |