The Director s Connection Tracking Table

Previous page
Table of content
Next page

The Director's Connection Tracking Table

The Director's connection tracking table (also sometimes called the IPVS connection tracking table, or the hash table) contains 128 bytes for each new connection from a client computer in order to store just enough information to return packets to the same real server when the client computer sends in another network packet during the same network connection.

Hash Table Structure

The tracking table consists of both rows and columns. Each row is called a hash bucket, and each column is a connection tracking record. Each record in the connection tracking table contains timer information; the protocol used by the packet; the client's IP address or CIP and the client's port number; the virtual IP address or VIP and the VIP port number; and some additional control information. Each row, or hash bucket, can contain an unlimited number of these records.

Because the Director looks for a match in this table every time it receives a packet, table lookups need to be as fast as possible. LVS speeds up table lookups by using a hashing technique to determine which row it should search first. Ideally, then, the table should have a very small number of connection records stored in each bucket (each row), because it takes less time for the hash function to locate the correct bucket than it would to run a sequential search through a large number of records within the bucket. The LVS programmers recommend 16 records per row and no more than 20.

Controlling the Hash Buckets

You control the number of buckets (rows) in the LVS hash table with the kernel option "IP masquerading VS table size" in kernel 2.2, and with "IPVS connection table size" in 2.4 and later. The number two is raised to the power of the value you enter for this kernel parameter; by default, LVS will create 212 or 4,096 hash buckets in the LVS hash table. This is the number of hash buckets the Director will use to speed connection record lookups, not the maximum number of simultaneous connections your Director will support. (The number of connection records the table will hold is limited only by the amount of available memory on the Director.)

Note 

One client may have multiple connection tracking table entries if it is accessing cluster resources on different ports (each connection is one connection tracking record in the connection tracking table).

Viewing the Connection Tracking Table

In the 2.4 and later series kernel, you can view the contents of the connection tracking table with the command:[6] 

 #ipvsadm -lcn

The size of the connection tracking table is displayed when you run the ipvsadm command:

 #ipvsadm IP Virtual Server version 0.8.2 (size=4096)

This first line of output from ipvsadm shows that the size of the connection tracking table is 4,096 bytes (the default).

[6]In the 2.2 series kernel, you can view the contents of this table with the command #netstat -Mn.


Previous page
Table of content
Next page
The Linux Enterprise Cluster. Build a Highly Available Cluster with Commodity Hardware and Free Software
Linux Enterprise Cluster: Build a Highly Available Cluster with Commodity Hardware and Free Software
ISBN: 1593270364
EAN: 2147483647
Year: 2003
Pages: 219
Authors: Karl Kopper
BUY ON AMAZON
Inside Network Security Assessment: Guarding Your IT Infrastructure
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Introducing Microsoft ASP.NET AJAX (Pro - Developer)
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
Extending and Embedding PHP
Python Standard Library (Nutshell Handbooks) with
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy