IPv6 load balancing

From LVSKB
Jump to: navigation, search

IPv6 load balancing support was added to IPVS by Julius Volz and Vince Busam at Google. The kernel patches were mainly written by Julius, the new ipvsadm version by Vince. Please note that IPv6 support is experimental and has only had limited testing.

Status

The first IPv6 support for IPVS load balancing was released in Linux kernel 2.6.28-rc3. Go to the IPVS Software Page to download the latest version of ipvsadm, which is needed to use these new features. The development branch of Linux-HA contains a ping6 module for heartbeat and limited IPv6 support in ldirectord.

What works with IPv6

  • forwarding mechanisms: NAT, DR, maybe Tunnel (not fully tested yet)
  • protocols: TCP, UDP, ESP, AH (last two not tested)
  • manipulation and inspection of both IPv4 and IPv6 entries with ipvsadm
  • 6 out of 10 schedulers (10/10 in latest net-next dev tree)
  • ping6 monitor in heartbeat
  • ldirectord using external commands for monitoring

What is not supported with IPv6

  • handling fragmentation or other extension headers
  • FTP application helper (can be loaded, but only operates on v4)
  • sync daemon (can be started, but only operates on v4)
  • probably some incorrect handling of ICMPv6 or other corner cases
  • Most built-in probes in ldirectord - use checkcommand
  • Real servers must be specified individually in ldirectord, address ranges are not supported

Since fragmentation and extension headers should not occur very often, things should "mostly" work. I (Julius) tested HTTP and DNS over NAT and DR with various supported schedulers without encountering any problems. But we didn't test any exotic situations. Also, there are some TODOs in the code for things that haven't been tested or implemented yet.

Examples

Adding an IPv6 TCP service with two real servers:

ipvsadm -A -t [fc00::1]:80
ipvsadm -a -t [fc00::1]:80 -r [fc00::2]:80 -g
ipvsadm -a -t [fc00::1]:80 -r [fc00::3]:80 -g

Adding an IPv6 fwmark service with one real server:

ipvsadm -A -f 1 -6
ipvsadm -A -f 1 -6 -r [fc00::2]:80 -m

ldirectord configuration

virtual = [fc00::1]:80
       protocol = tcp
       scheduler = wlc
       quiescent = no
       real = [fc00::3]:80 gate 1000
       real = [fc00::4]:80 gate 1000
       service = http
       checktype = external
       checkcommand = /usr/local/bin/my-custom-ipv6-http-test